Infra
/
lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
3,080 Commits 4 Branches 45 Tags 7.5 MiB
Commit Graph

525 Commits

Author SHA1 Message Date
Mathias Petermann 817fc3f0fe
Merge branch 'master' into feature/store-acme-account-details 2020-10-11 14:37:31 +02:00
Hossein Shafagh 0fc050e17b
Merge branch 'master' into dymanic-digicert-ICAs 2020-10-09 17:53:54 -07:00
Hossein Shafagh 42e9b8b627 removing the intermediary from being optional 2020-10-09 15:40:25 -07:00
sirferl 5a968ffe63 Lint errors 2020-10-09 12:05:57 +02:00
sirferl d43e240a2a dded ELIF at determine_end_date, becuase of error. 2020-10-09 11:41:44 +02:00
sirferl a6a4f458e0 added Tests and removed problems in test-setup 2020-10-09 11:35:04 +02:00
Hossein Shafagh 1a270cd315 switching from static DigiCert ICAs to dynamic ones to support: 
https://knowledge.digicert.com/alerts/DigiCert-ICA-Update.html
 2020-10-07 20:06:20 -07:00
Mathias Petermann 57534d86cd Disable account saving by default 2020-10-07 12:28:22 +02:00
Mathias Petermann 8353396940 Improve tests 2020-10-07 12:28:22 +02:00
Mathias Petermann 9abd3e97e7 Add test loading acme account from authority 2020-10-07 12:28:22 +02:00
Mathias Petermann bf66de0bfd Add Test for saving the accound details 2020-10-07 12:28:22 +02:00
Mathias Petermann e0708410d0 Add store_account value to options in test_setup_acme_client_success 2020-10-07 12:28:22 +02:00
Mathias Petermann eed628dbab Implement storage of acme account 2020-10-07 12:28:22 +02:00
Mathias Petermann 898b5da661 Add store_account option to acme plugin 2020-10-07 12:28:22 +02:00
Hossein Shafagh e5961146b9 session hook complains about metadata 
+ consistent language.
 2020-09-23 14:22:58 -06:00
Hossein Shafagh cc855e2758 modern python style 2020-09-18 17:16:07 -07:00
Hossein Shafagh 416f39222a testing 2020-09-18 17:02:19 -07:00
Hossein Shafagh fae3793255 entrrust plugin revised 2020-09-18 11:09:32 -07:00
sirferl 02c7a5ca7c another round of lint errors 2020-09-14 16:34:56 +02:00
sirferl e011cc9251 added several enhancements following advice from peer 2020-09-14 16:24:53 +02:00
sirferl 9778eb7b25 fixed lint errors 2020-09-14 15:56:02 +02:00
sirferl 5bb0143da4 lint errors and removed _path from the API-Cert variables 2020-09-14 15:42:36 +02:00
sirferl 84496b0f55 fixed a few problems 2020-09-14 15:18:46 +02:00
sirferl b8e3162c5f added revoke functionality 2020-09-14 14:20:11 +02:00
sirferl b337b27146 added response handler 2020-09-14 12:23:58 +02:00
sirferl 01678a714f added required vars check 2020-09-14 09:50:55 +02:00
Hossein Shafagh 8adca442e1
Merge branch 'master' into entrust-plugin 2020-09-11 17:11:57 -07:00
sayali 09a2a8fc76 Log message change 
PR comments
 2020-09-11 15:53:34 -07:00
sirferl 1c9c377751
Lint errors 2020-09-11 12:31:15 +02:00
sirferl fd52438d61
yet lint errors 2020-09-11 12:30:53 +02:00
sirferl de9ad82011
Fixed Lint complaints 2020-09-11 12:24:33 +02:00
sirferl a99a84b0b2 entrust plugin inital edit 2020-09-10 16:04:31 +02:00
sirferl f47f108f43 ientrust plgin - first version 2020-09-10 16:03:29 +02:00
sayali 8ad4448c85 Match date format for comparison + expected new lines 2020-09-01 12:44:49 -07:00
sayali db4f68f0ed Logs during cert validity truncate for digicert 2020-08-31 18:20:32 -07:00
sirferl 1b73b1d080
Merge branch 'master' into master 2020-08-19 12:29:02 +02:00
sirferl c2116df652
Extended ADCS_TEMPLATE_ Variable 
If there is a config variable ADCS_TEMPLATE_<upper(authority.name)> take the value as Cert template else default to ADCS_TEMPLATE to be compatible with former versions
 2020-08-19 12:25:52 +02:00
sayali 6ff8910f87 mention 397 for digicert plugin 2020-08-11 18:53:19 -07:00
sayali d7ca1570be maximum 1 year validity for digicert 2020-08-11 18:02:42 -07:00
sayali bde2829e72 Modify unit test test_determine_end_date to match new config 2020-08-11 17:10:29 -07:00
sayali 7a83799bcd Cert validity should not exceed 397 days for publicly trusted issuers 2020-08-10 17:30:34 -07:00
Hossein Shafagh 3c1d6998fb
Merge branch 'master' into pinning-to-cross-signed-LE-ICA 2020-07-24 10:25:11 -07:00
Raul Benencia 0fd83d13ae Fix intermediate CA creation on cryptography plugin 2020-07-23 13:58:32 -07:00
Hossein Shafagh 2317967802 lack of an empty config file was resulting into this error 
```
Traceback (most recent call last):
  File "/home/travis/build/Netflix/lemur/lemur/plugins/lemur_acme/tests/test_acme.py", line 159, in test_request_certificate
    self.acme.request_certificate(mock_acme, [], mock_order)
  File "/home/travis/build/Netflix/lemur/lemur/plugins/lemur_acme/plugin.py", line 211, in request_certificate
    current_app.config.get("IDENTRUST_CROSS_SIGNED_LE_ICA_EXPIRATION_DATE", "17/03/21"), '%d/%m/%y'):
TypeError: strptime() argument 1 must be str, not MagicMock
```
 2020-07-15 17:04:49 -07:00
Hossein Shafagh d5ae45a0d0 Let's Encrypt has been using a cross-signed intermediate CA by DST Root CA X3, which is included in any older devices' TrustStore. 
https://letsencrypt.org/certificates/

Let's Encrypt is transitioning to use the intermediate CA issued by their own root (ISRG X1) starting from September 29th 2020. This is in preparation of concluding the initial bootstrapping of their CA, by having it cross-signed by an older CA.
https://letsencrypt.org/2019/04/15/transitioning-to-isrg-root.html

This PR allows Lemur to pin to the cross-signed ICA (same public/private key pair as the ICA signed by ISRG X1). This will prolong support for incompatible systems.
 2020-07-14 17:35:13 -07:00
Javier Ramos aa11088944
Remove f from non-f string 2020-07-02 16:48:41 +02:00
csine-nflx a7a309136f fixing whitespace and imports 2020-06-11 14:15:40 -07:00
csine-nflx f834d10f9a moving ultradns tests to separate file 2020-06-11 14:04:17 -07:00
Hossein Shafagh c3b36d697f clarification 2020-06-08 15:17:45 -07:00
Hossein Shafagh 904bc9d8b6
Merge branch 'master' into improve-expiry-email 2020-05-27 15:28:41 -07:00