605663704b
Merge branch 'master' into hosseinsh-celeryjob-sync-src-dst
2019-02-05 12:41:33 -08:00
e139b92b24
Merge branch 'master' into hshafagh-src-dst-register
2019-02-05 12:41:26 -08:00
6d1ef933c4
creating a new celery task to sync sources with destinations. This is as a measure to make sure important new destinations are also present as sources.
2019-02-05 10:48:52 -08:00
2107d58050
Merge branch 'master' into get_by_attributes
2019-02-05 10:31:35 -08:00
8d261b4120
Merge branch 'master' into special-issuer-for-selfsigned-certs
2019-02-05 10:29:20 -08:00
51248c1938
Use special issuer values <selfsigned> and <unknown> in special cases
...
This way it's easy to find/distinguish selfsigned certificates stored in
Lemur.
2019-02-05 16:56:09 +02:00
1d2771b014
Merge branch 'master' into get_by_attributes
2019-02-04 21:07:09 -08:00
f249a82d71
renaming destination to source.
2019-02-04 16:10:48 -08:00
44a060b159
adding support for creating a source while creating a new dst, while the destination is from AWS
2019-02-04 15:36:39 -08:00
c1cf8d7a92
Merge branch 'master' into ADCS-plugin
2019-02-02 19:21:22 +01:00
45fbaf159a
Merge branch 'master' into master
2019-02-01 16:50:09 -08:00
8e93d007be
Merge branch 'master' into get_by_attributes
2019-02-01 16:48:50 -08:00
6705a0e030
Merge branch 'master' into ADCS-plugin
2019-02-01 16:38:39 -08:00
36ab1c0bec
Merge branch 'master' into ADCS-plugin
2019-02-01 19:10:46 +01:00
e24a94d798
Enforce that PEM strings (certs, keys, CSR) are internally passed as str, not bytes
...
This was already true in most places but not 100%, leading to lots of redundant checks and conversions.
2019-01-30 18:11:24 +02:00
e475d90e2e
Merge branch 'master' into master
2019-01-30 07:20:44 -08:00
e5ddf08f48
Merge branch 'master' into master
2019-01-29 16:37:29 -08:00
7f4f4ffded
Merge branch 'master' into master
2019-01-29 16:30:15 -08:00
48ad20faca
moving the 2 year validity issue to the Verisign plugin, and address it there
2019-01-29 16:17:08 -08:00
1e708bf1c7
Merge branch 'master' into password_noninteractive
2019-01-29 15:21:34 -08:00
d2317acfc5
allowing create_user with noninteractive PW;updating reqs
2019-01-29 15:17:40 -08:00
29638c7f3b
Merge branch 'master' into master
2019-01-29 14:59:55 -08:00
93021a5d89
Merge branch 'master' into expose-cert-distinguished-name
2019-01-29 14:56:31 -08:00
c68a9cf80a
fixing linting issues
2019-01-29 11:10:56 -05:00
254a3079f2
fix whitespace
2019-01-29 11:01:55 -05:00
b4d1b80e04
Adding support for cfssl auth mode signing
2019-01-29 10:13:44 -05:00
c77ccdf46e
Merge branch 'master' into ADCS-plugin
2019-01-28 17:57:46 +01:00
c47fa0f9a2
adjusting the tests to reflect on the new full year convert limit!
2019-01-24 17:52:22 -08:00
a9724e7383
Resolving the 2 years error from UI during cert creation:
...
Though a CA would accept two year validity, we were getting error for being beyond 2 years.
This is because our current conversion is just current date plus 2 years,
1/25/2019 + 2 years ==> 1/25/2019
This is more strictly seen two years and 1 day extra, violating the 2 year's limit.
2019-01-24 17:23:40 -08:00
4b893ab5b4
Expose full certificate RFC 4514 Distinguished Name string
...
Using rfc4514_string() method added in cryptography version 2.5.
2019-01-23 10:03:40 +02:00
4c4fbf3e48
Implement certificates delete API call by marking a cert as 'deleted' in the database. Only certificates that have expired can be deleted.
2019-01-21 10:25:28 +01:00
cb35f19d6c
Add 'delete_cert' to enum log_type in logs table
2019-01-21 10:22:03 +01:00
0336d68ee2
Merge remote-tracking branch 'upstream/master'
2019-01-17 14:56:12 -08:00
7f88c24e83
Fix LetsEncrypt Dyn flow for duplicate CN/SAN
2019-01-17 14:56:04 -08:00
d3284a4006
adjusting the query to filter authorities based on matching CN
2019-01-14 17:52:06 -08:00
3567a768d5
Compare certificate hashes to determine if Lemur already has a synced certificate
2019-01-14 13:35:55 -08:00
31a86687e7
Reduce the expense of joins
2019-01-14 09:20:02 -08:00
c4e6e7c59b
Optimize DB cert filtering
2019-01-14 08:02:27 -08:00
638a8450a3
Merge branch 'master' into more_retries
2019-01-11 11:25:00 -08:00
0e02e6da79
Be more forgiving to throttling
2019-01-11 11:13:43 -08:00
a1ca61d813
changed a too long comment
2019-01-09 09:50:26 +01:00
a43476bc87
minor errors after lint fix
2019-01-07 11:04:27 +01:00
054685fc38
Merge branch 'master' into ADCS-plugin
2019-01-07 10:23:18 +01:00
c62bcd1456
repaired several lint errors
2019-01-07 10:02:37 +01:00
542e953919
Check that stored private keys match certificates
...
This is done in two places:
* Certificate import validator -- throws validation errors.
* Certificate model constructor -- to ensure integrity of Lemur's data
even when issuer plugins or other code paths have bugs.
2018-12-31 16:28:20 +02:00
6a31856d0d
Update plugin.py
2018-12-21 12:33:47 -08:00
b5d6abb01f
Merge branch 'master' into kubernetes-improvment
2018-12-21 12:06:09 -08:00
b7332957e7
Merge branch 'master' into unicode-in-issuer-name
2018-12-21 07:59:20 -08:00
70381c4c89
Merge branch 'master' into kubernetes-fix
2018-12-21 07:44:11 -08:00
a14fe08a63
Merge branch 'master' into kubernetes-improvment
2018-12-21 07:42:13 -08:00
fb7605e34b
Merge branch 'master' into unicode-in-issuer-name
2018-12-21 07:41:08 -08:00
72f6fdb17d
Properly handle Unicode in issuer name sanitization
...
If the point of sanitization is to get rid of all non-alphanumeric
characters then Unicode characters should probably be forbidden too.
We can re-use the same sanitization function as used for cert 'name'
2018-12-21 16:34:12 +02:00
0f2e30cdae
Deduplicate rows before notification associations unique constraint migration
2018-12-21 12:11:33 +02:00
f02178c154
added ADCS issuer and source plugin
2018-12-20 11:54:47 +01:00
fbf48316b1
Minor changes for code review suggestions.
2018-12-18 22:43:32 -05:00
073d05ae21
Merge branch 'kubernetes-fix' into kubernetes-improvment
2018-12-18 22:26:03 -05:00
e7313da03e
Minor changes for code review suggestions.
2018-12-18 22:24:48 -05:00
425a07e988
Merge branch 'master' into destination-tpl-fix
2018-12-18 12:27:35 -08:00
513e876e2e
Merge branch 'master' into master
2018-12-18 12:18:38 -08:00
bc621c1468
Improve the Kubernetes Destination plugin
...
The plugin now supports loading details from local files rather than requiring them to be entered through the UI. This is especially relaent when Lemur is deployed on Kubernetes as the certificate, token, and current namespace will be injected into the pod. The location these details are injected are the defaults if no configuration details are supplied.
The plugin now supports deploying the secret in three different formats:
* Full - matches the formate used by the plugin prior to these changes.
* TLS - creates a secret of type kubernetes.io/tls and includes the certificate chain and private key, this format is used by many kubernetes features.
* Certificate - creates a secret containing only the certificate chain, suitable for use as trust authority where private keys should _NOT_ be deployed.
The deployed secret can now have a name set through the configuration options; the setting allows the insertion of the placeholder '{common_name}' which will be replaced by the certificate's common name value.
Debug level logging has been added.
2018-12-12 13:25:36 -08:00
a50d80992c
updated query to ignore empty parameters
2018-12-12 12:45:48 +01:00
060c78fd91
Fix Kubernetes Destination Plugin
...
The Kubernetes plugin was broken. There were two major issues:
* The server certificate was entered in a string input making it impossible (as far as I know) to enter a valid PEM certificate.
* The base64 encoding calls were passing strings where bytes were expected.
The fix to the first issue depends on #2218 and a change in the options structure. I've also included some improved input validation and logging.
2018-12-10 15:33:04 -08:00
437d918cf7
Fix textarea and validation on destination page
...
The destination configuration page did not previously support a textarea input as was supported on most other pages. The validation of string inputs was not being performed. This commit addresses both of those issues and corrects the validation expressions for the AWS and S3 destination plugins so that they continue to function. The SFTP destination plugin does not have any string validation. The Kubernetes plugin does not work at all as far as I can tell; there will be another PR in the coming days to address that.
2018-12-10 12:04:16 -08:00
dcf5ce0eec
Merge branch 'master' into master
2018-12-07 13:57:59 +01:00
c32e20b6fc
Fix notifications - Ensure that notifcation e-mails are sent appropriately
2018-12-06 12:25:43 -08:00
e0ac749734
When parsing SAN's, ignore unknown san_types, because in some cases they can contain unparsable/serializable values, resulting in a TypeError(repr(o) + " is not JSON serializable")
2018-12-06 16:47:53 +01:00
2a235fb0e2
Prefer DNS provider with longest matching zone
2018-11-30 12:44:52 -08:00
a90154e0ae
LetsEncrypt Celery Flow
2018-11-29 09:29:05 -08:00
39b76d18dc
add countdown to async call
2018-11-28 14:41:56 -08:00
e074a14ee9
unit test
2018-11-28 14:27:03 -08:00
2381d0a4bb
Add async call to create pending cert when needed
2018-11-28 11:32:52 -08:00
da10913045
Only search nested group memberships when LDAP_IS_ACTIVE_DIRECTORY is True
2018-11-20 10:37:36 +01:00
61839f4aca
Add support for nested group membership in ldap authenticator
2018-11-19 13:42:42 +01:00
3ce8abe46e
Left outer join on domains tables to avoid missing results
2018-11-13 14:33:17 -08:00
92a771f5ed
More accurate db count functionality
2018-11-13 09:14:21 -08:00
29be647911
Merge branch 'master' into no_csr_reissue
2018-11-12 09:54:47 -08:00
a7a05e26bc
Do not re-use CSR during certificate reissuance; Update requirement; Add more logging to celery handler
2018-11-12 09:52:11 -08:00
6f0005c78e
Avoid colliding LetsEncrypt jobs
2018-11-09 10:31:27 -08:00
1643650685
Changing essential part of query
2018-11-07 16:02:04 -08:00
08a2a2b0e5
Optimize certificate filtering by name
2018-11-07 15:34:25 -08:00
a3f96b96ee
Add fixture to failing function
2018-11-05 15:16:09 -08:00
75183ef2f2
Unpin most dependencies, and fix moto
2018-11-05 14:37:52 -08:00
61738dde9e
Run query on DB
2018-11-05 13:15:53 -08:00
52e773230d
Add new gin index to optimize ILIKE queries
2018-11-05 10:29:11 -08:00
0277e4dc05
get_or_increase_name fix for pendingcertificates
2018-10-29 13:53:30 -07:00
50761d9d3b
safer reissue, fix celery sync job
2018-10-29 13:22:50 -07:00
56ed416cb7
Celery task for sync job
2018-10-29 09:10:43 -07:00
a8b357965e
Merge branch 'master' into get_by_attributes
2018-10-29 08:15:42 -07:00
2138930102
Merge branch 'master' into get_by_attributes
2018-10-24 07:20:46 -07:00
75069cd52a
Add CSR to certificiates
...
Add csr column to certificates field, as pending certificates have
exposed the CSR already. This is required as generating CSR from
existing certificate is will not include SANs due to OpenSSL bug:
https://github.com/openssl/openssl/issues/6481
Change-Id: I9ea86c4f87067ee6d791d77dc1cce8f469cb2a22
2018-10-23 17:46:04 -07:00
b709eed3c3
Only resolve pending cert if not attempted in last 5 min
2018-10-23 13:08:43 -07:00
054cc64ee8
Prevent dashes from appearing at end of cert name in AWS
2018-10-23 12:49:58 -07:00
73ed5164cd
deps
2018-10-22 14:51:13 -07:00
b058508478
Merge branch 'master' into get_by_attributes
2018-10-22 09:09:55 -07:00
e83699b6ae
Add unique constraint to sources table - label column
2018-10-19 15:34:34 -07:00
81d114092e
Merge branch 'github' into get_by_attributes
2018-10-17 12:00:36 -04:00
48017a9d4c
Added get_by_attributes to the certificates service, for fetching certs based on arbitrary attributes. Also associated test and extra tests for other service methods
2018-10-17 11:42:09 -04:00
a912c3488d
python fix to retrigger tests
2018-10-12 07:25:58 -07:00
89a077e54c
minor change to pass stuck github check
2018-10-12 07:14:31 -07:00
13ef965666
nit: comments
2018-10-12 05:56:14 -07:00
6073f9e7b6
datetime ref fix
2018-10-12 05:51:30 -07:00
4b3d458dba
Celery task to delete old pending certs
2018-10-12 05:47:16 -07:00
cc18a68c00
Lemur LetsEncrypt Polling Support
2018-10-11 22:01:05 -07:00
e91d8ec81b
add indexes to domains and certificates tables to optimize load time
2018-10-11 11:36:50 -07:00
79033f42b4
Merge branch 'master' into improved_verify
2018-10-02 09:19:24 -04:00
40f4444099
Flake8 fix in test_verify.py
2018-10-01 22:04:31 -04:00
56282845fa
Enable optional verisign cloud transparency configuration
2018-10-01 09:20:50 -07:00
50919d85a8
Merge remote-tracking branch 'upstream/master' into improved_verify
2018-09-27 11:19:06 -04:00
590fac4aa8
docstring update in verify.py
2018-09-27 10:11:13 -04:00
f19b6382bc
Updated verify tests
2018-09-27 10:10:04 -04:00
11f2210894
Merge branch 'improved_verify' of github.com:explody/lemur into improved_verify
2018-09-27 09:28:45 -04:00
652d7f65dd
flake8 tweak
2018-09-27 09:28:21 -04:00
563f0fb9b2
Celery refactoring, celery beat job in configuration
2018-09-17 10:52:12 -07:00
23382b2777
Celery integration
2018-09-13 10:35:54 -07:00
c09d8ae630
Merge branch 'master' into fix_import_v1
2018-09-10 10:35:31 -07:00
7d42e4ce67
Fix certificate import issues
2018-09-10 10:34:47 -07:00
f6a130b09d
Add more logging to messaging
2018-09-10 09:13:31 -07:00
c9836fbf25
Merge branch 'master' into improved_verify
2018-09-06 07:33:55 -07:00
82e69db0c5
fix error message typo
2018-09-04 10:21:34 -05:00
2815ddf6c8
Moved cert object to be passed to both ocsp/crl methods so we can report in better detail on the certs. Ensured proper returns of False (revoked) True (good) None (unknown) throughout the methods.
2018-08-31 13:34:55 -04:00
34c88494b8
More specific exception catch for cert parsing. line shortening.
2018-08-31 12:19:55 -04:00
7dbca821c3
Reducing the stacked exceptions plus a bit of pep8
2018-08-31 12:01:49 -04:00
d82a615e17
Validate config - fix for issue#1629
2018-08-28 09:15:28 -07:00
453bb43157
recommit https://github.com/Netflix/lemur/pull/1612
2018-08-27 09:50:02 -07:00
1b77dfa47a
Revert "Precommit - Fix linty things"
2018-08-22 13:21:35 -07:00
3e9726d9db
Precommit work
2018-08-22 10:38:09 -07:00
6abf274680
Allow case insensitive role matching for cert permissions
2018-08-20 08:55:04 -07:00
9f64f0523b
Increase timeouts
2018-08-17 15:36:56 -07:00
43ae6c39e3
wait right here
2018-08-17 12:14:02 -07:00
7f9a035802
Fix private key bytecode issue
2018-08-17 10:59:01 -07:00
a6b1f33208
Ensure owner names are lowercase for new / updated certificates
2018-08-17 10:41:55 -07:00
1ad61b1550
allow null validity periods
2018-08-17 07:57:55 -07:00
be9d683e46
fix merge
2018-08-16 10:15:48 -07:00
da99bcda68
Better zone handling
2018-08-16 10:12:19 -07:00
2c22c9c2f1
Allow proper detection of zones, fix certificate detection
2018-08-14 14:37:45 -07:00
1a5abe6550
fix lint
2018-08-13 15:11:57 -07:00
cc836433fb
formatting
2018-08-13 15:06:16 -07:00
5829794d82
typo fix
2018-08-13 14:25:54 -07:00
bb026b8b59
Allow LetsEncrypt renewals and requesting certificates without specifying DNS provider
2018-08-13 14:22:59 -07:00
ab37189022
Merge branch 'master' into unittests-use-valid-certs
2018-08-07 09:42:39 -07:00
cf71f88680
Merge branch 'master' into fill-missing-rotation-policy
2018-08-07 08:23:29 -07:00
f9a7b97839
Merge branch 'master' into unittests-use-valid-certs
2018-08-07 07:45:45 -07:00
2869042f38
Fixed invalid JSON payloads (making API requests fail in particular) ( #1522 )
2018-08-03 15:26:48 -07:00
82158aece6
Fill in missing cert rotation_policy; don't ignore validation errors when re-issuing certs
...
CertificateInputSchema requires the rotation_policy field, but
certificates created before the field existed have set to NULL. Thus
saving such certificates failed and probably caused other errors.
Made cert re-issuing (get_certificate_primitives) more strict so such
errors are harder to miss in the future.
2018-08-03 20:06:21 +03:00
1f0f432327
Fix unit tests certificates to have correct chains and private keys
...
In preparation for certificate integrity-checking: invalid certificate
chains and mismatching private keys will no longer be allowed anywhere
in Lemur code.
The test vector certs were generated using the Lemur "cryptography"
authority plugin.
* Certificates are now more similar to real-world usage: long serial
numbers, etc.
* Private key is included for all certs, so it's easy to re-generate
anything if needed.
2018-08-03 19:45:13 +03:00
acd2701fa2
Delete dead code in unit tests ( #1510 )
2018-08-03 08:21:55 -07:00
025d177565
Merge branch 'master' into letsencrypt_account_support
2018-07-30 15:28:29 -07:00
44192d4494
remove debug print
2018-07-30 15:27:23 -07:00
0889076d3b
Support LetsEncrypt accounts
2018-07-30 15:25:02 -07:00
d6b482755b
Proper flask_restful boolean parsing.
...
This is documented here: https://github.com/flask-restful/flask-restful/issues/488
2018-07-30 13:49:41 -07:00
caf99d36d6
fix deletion
2018-07-27 15:52:22 -07:00
e16c1de001
Error logging
2018-07-27 14:17:50 -07:00
2a6dda07eb
Show and send error for pending certs
2018-07-27 14:15:14 -07:00
9b29f9f819
Adding pessimistic sqlalchemy disconnection handling
2018-07-23 10:57:22 -07:00
2f51fea743
no bare except
2018-07-20 13:43:47 -07:00
c78077d8d6
Explicit capture exception during create failure
2018-07-20 13:43:47 -07:00
bd9203fcbc
Adds an optional interval variable to notification service's
...
create_default_expiration_notifications and introduces a new optional
configuration variable, LEMUR_SECURITY_TEAM_EMAIL_INTERVALS, to allow admins
control over the centralized email notification defaults.
2018-07-20 13:43:47 -07:00
d071d85486
Clean up module imports
...
Example:
* import lemur.common.utils -> from lemur.common import utils
* import sqlalchemy.types as types -> from sqlalchemy import types
2018-07-20 13:43:47 -07:00
04ee1656ee
Cache parsed certificate instead of re-parsing for each field
...
Use @cached_property decorator to cache the results of parse_certificate().
This significantly cuts down on the number of times certs need to be
parsed for a list view.
2018-07-20 13:43:47 -07:00
56372c55b4
initial commit
2018-07-20 13:43:47 -07:00
149caa5602
Clean up module imports
...
Example:
* import lemur.common.utils -> from lemur.common import utils
* import sqlalchemy.types as types -> from sqlalchemy import types
2018-07-12 11:21:18 -07:00
b472e5e648
Cache parsed certificate instead of re-parsing for each field
...
Use @cached_property decorator to cache the results of parse_certificate().
This significantly cuts down on the number of times certs need to be
parsed for a list view.
2018-07-12 11:21:18 -07:00
64132ba92b
Expose certificate dateCreated via API
2018-07-12 11:21:18 -07:00
9ef356f59d
reformat code (noop)
2018-07-12 11:21:17 -07:00
3397fb6560
R53: Extend only TXT records
2018-06-20 10:33:35 -07:00
3efc709e03
tests
2018-06-19 21:16:35 -07:00
dda7f54a16
lint
2018-06-19 20:58:00 -07:00
2d33d3e2b8
lint
2018-06-19 20:35:00 -07:00
d50c9c7748
Merge branch 'master' into acme_validation_dns_provider_option
2018-06-19 16:45:25 -07:00
a141b8c5ea
Support concurrent issuance in Route53 for LetsEncrypt
2018-06-19 16:27:58 -07:00
b2bc431823
Merge branch 'master' into dyn2
2018-06-14 08:06:31 -07:00
4e72cb96c9
Graceful cancellation of pending cert and order details in log for acme failure
2018-06-14 08:02:34 -07:00
b99aad743b
remove linuxdst plugin
2018-06-13 15:15:09 -07:00
135f2b710c
Limit dns queries to 10 attempts
2018-06-13 15:14:48 -07:00
065e0edc5f
lint
2018-06-13 14:22:45 -07:00
d72792ff37
Fix unique dyn situation where zone does not match tld, and there's a deeper zone
2018-06-13 14:08:39 -07:00
038f5dc554
Merge branch 'master' into linuxdst
2018-06-12 07:40:40 -07:00
7f5d1a0b6b
sync error
2018-06-11 15:40:15 -07:00
92860cffca
Default configuration for DNS providers
2018-06-11 13:32:53 -07:00
80e3331596
Merge branch 'master' into master
2018-05-30 08:24:00 -07:00
2a3af5214e
Merge branch 'master' into linuxdst
2018-05-29 18:54:37 -07:00
4911d713a5
Fix import metrics in notifications/messaging.py ( #1254 )
...
`from lemur import metrics` is incorrect for notifications/messaging.py
because that is importing the `metrics` module rather than the
instanciated `lemur.extensions.metrics` object. This will cause errors
if you import notifications/messaging.py elsewhere, since it can cause
circular dependencies.
Change-Id: Ice28c480373601420fc83bae2d27bb6467cdb752
2018-05-29 18:54:16 -07:00
5e24f685c1
lint error
2018-05-29 10:46:24 -07:00
97d3621705
convert description to TEXT column
2018-05-29 10:23:01 -07:00
544a02ca3f
Addressing comments. Updating copyrights. Added function to determine authorative name server
2018-05-29 10:23:01 -07:00
ae26e44cc2
Merge branch 'master' into master
2018-05-25 11:09:23 -07:00
b0f9d33b32
Requirements update
2018-05-25 11:07:26 -07:00
5e3add0b81
docstring
2018-05-24 15:21:38 -07:00
9fc6c9aaf7
Sort and page
2018-05-24 12:55:52 -07:00
a47b6c330d
Use serial_number instead of serial ( #1251 )
...
* Add code coverage badge to README
* fixing docs (#1231 )
* Change cert.serial to serial_number
This fixes deprecation warning coming from cryptography package about
using cert.serial instead of serial_number.
Change-Id: I252820974c77cc1b80639920a5e8c2e874819dda
2018-05-23 16:04:30 -07:00
de52fa7f48
fix v1 backwards compatibility
2018-05-16 08:00:33 -07:00
680f4966a1
acme v2 support
2018-05-16 07:46:37 -07:00
a9b9b27a0b
fix tests
2018-05-10 12:58:04 -07:00
52e7ff9919
Allow specification of dns provider name only
2018-05-10 12:58:04 -07:00
f4a010e505
Merge branch 'master' into master
2018-05-09 07:52:07 -07:00
0bd14488bb
Update requirements, handle more lemur_acme exceptions, and remove take a tour button
2018-05-08 15:35:03 -07:00
6500559f8e
Fix issue with automatically renewing acme certificates
2018-05-08 14:54:10 -07:00
642dbd4098
Merge branch 'master' into linuxdst
2018-05-08 12:09:05 -07:00
a8187d15c6
quick lint
2018-05-08 11:04:25 -07:00
df5168765b
more tests
2018-05-08 11:03:17 -07:00
c26ae16060
fixing docs ( #1231 )
2018-05-08 10:58:48 -07:00
9ccb8fb838
Alembic simplification
2018-05-07 15:14:32 -07:00
e68b3d2cbd
0.7 release
2018-05-07 09:58:24 -07:00
1be3f8368f
dyn support
2018-05-04 15:01:01 -07:00
3e64dd4653
Additional work
2018-05-04 15:01:01 -07:00
74ca13861c
Merge branch 'master' into master
2018-04-27 11:19:23 -07:00
532872b3c6
dns_provider ui
2018-04-27 11:18:51 -07:00
0579b2935c
Print variable value instead of name ( #1227 )
...
* Print variable value instead of name
* Fixed ordering and variable name for stdout string
2018-04-26 09:39:42 -07:00
c5cb01bd33
Merge branch 'master' into master
2018-04-26 09:16:31 -07:00
efd5836e43
fix test
2018-04-26 09:04:13 -07:00
f0f2092fb4
Some unit tests
2018-04-25 11:19:34 -07:00
e09b7eb978
Selectively enable CORS. ( #1220 )
2018-04-24 17:10:38 -07:00
3e5db9eedb
Check for default rotation policy before updating db ( #1223 )
2018-04-24 16:55:26 -07:00
91500d1022
Minor comment & stdout corrections ( #1225 )
2018-04-24 16:53:51 -07:00
38b8df4a07
lint
2018-04-24 09:48:14 -07:00
7704f51441
Working acme flow. Pending DNS providers UI
2018-04-24 09:38:57 -07:00
81e349e07d
Merge branch 'master' into hackday
2018-04-23 10:11:49 -07:00
44e3b33aaa
More stuff. Will prioritize this more next week
2018-04-20 14:49:54 -07:00
fbce1ef7c7
temp digicert fix
2018-04-13 15:50:55 -07:00
309d10c4e2
stuff
2018-04-13 15:50:55 -07:00
4d05a09a20
fix_changes
2018-04-13 15:50:55 -07:00
3538f1a629
fix_errors
2018-04-13 15:50:55 -07:00
993958c356
up-reqs
2018-04-13 15:50:55 -07:00
2d6d2357b5
DNS Providers list returned
2018-04-13 15:50:55 -07:00
a66d85b63d
clean up a bit
2018-04-13 15:50:55 -07:00
b0bd0435c4
more stuff
2018-04-13 15:50:54 -07:00
b2e6938815
WIP: Add support for Acme/LetsEncrypt with DNS Provider integration
2018-04-13 15:50:54 -07:00
5dd03098e5
actually update deps
2018-04-13 15:50:53 -07:00
c03133622f
Correct validities
2018-04-13 15:18:17 -07:00
8303cfbd2b
Fix datetime
2018-04-13 14:53:45 -07:00
3ef550f738
Merge branch 'master' into hackday
2018-04-12 12:49:52 -07:00
f6fd262618
DNS Providers list returned
2018-04-11 15:56:00 -07:00
5125990c4c
clean up a bit
2018-04-11 07:48:04 -07:00
52cb145333
ecc: add the support for ECC ( #1191 )
...
* ecc: add the support for ECC
update generate_private_key to support ECC. Move key types to constant. Update UI for the new key types
* ecc: Remove extra line to fix linting
* ecc: Fix flake8 lint problems
* Update options.tpl.html
2018-04-10 16:54:17 -07:00
5beb319b27
more stuff
2018-04-10 16:04:07 -07:00
12622d5847
Adding metrics for request timings. ( #1190 )
2018-04-10 15:55:02 -07:00
a9baaf4da4
add(plugins): Added a statsd plugin for lemur ( #1189 )
2018-04-10 15:15:03 -07:00
f61098b874
WIP: Add support for Acme/LetsEncrypt with DNS Provider integration
2018-04-10 14:28:53 -07:00
8ca4f730e8
lemur_digicert: Do not truncate valid_to anymore ( #1187 )
...
* lemur_digicert: Do not truncate valid_to anymore
The valid_to field for Digicert supports YYYY-MM-DDTHH:MM:SSZ so we should stop truncating
* lemur_digicert: Update unit tests for valid_to
2018-04-10 13:23:09 -07:00
8e2b2123f1
Fix filtering on boolean columns, broken with SQLAlchemy 1.2 upgrade
...
SQLAlchemy 1.2 does not allow comparing string values to boolean
columns. This caused errors like:
sqlalchemy.exc.StatementError: (builtins.TypeError) Not a boolean value: 'true'
For more details see http://docs.sqlalchemy.org/en/latest/changelog/migration_12.html#boolean-datatype-now-enforces-strict-true-false-none-values
2018-04-09 18:59:23 +03:00
28614b5793
remove linuxdst plugin
2018-04-04 14:49:25 +03:00
4a0103a88d
SFTP destination plugin ( #1170 )
...
* add sftp destination plugin
2018-04-03 10:30:19 -07:00
259800ce35
Merge branch 'master' into issue_1089
2018-03-29 08:48:52 -07:00
b814a4f009
Remove get_pending_certificates from verisign issuer
2018-03-28 08:56:28 -07:00
c3a2781507
Allow quotes for exact match
2018-03-28 08:33:43 -07:00
a316cbba73
[add] Docs and default config for metric plugins ( #1148 )
2018-03-27 15:51:32 -07:00
844202f36b
check if user active properly
2018-03-26 13:14:22 -07:00
c51fed5307
allowing null basic contraints ( #1131 )
2018-03-23 11:38:47 -07:00
db746f1296
Adds support for CDLDistributionPoints. ( #1130 )
2018-03-23 08:51:18 -07:00
e15836e9ca
Update more dependencies. Remove hashes
2018-03-21 14:48:51 -07:00
Hossein Shafagh
Hossein Shafagh
Marti Raudsepp
sirferl
Curtis
Curtis Castrapel
alwaysjolley
Ronald Moesbergen
Curtis Castrapel
Curtis Castrapel
sirferl
Wesley Hartford
Ronald Moesbergen
James Chuong
Non Sequitur
Non Sequitur
Mike Culbertson
Gus Esquivel
Cyril Dangerville
Mike Grima
Steven Reiling
root
Dmitry Zykov
kevgliss
James Chuong
Zach Seils
Will Bengtson
Mihir Jham
iTitou