kevgliss
d67b6c6120
Chains are not always a given. ( #645 )
2017-01-08 17:27:50 -08:00
kevgliss
83128f3019
Fixing elb sync issues. ( #641 )
...
* Fixing elb sync issues.
* Fixing de-duplications of names.
2017-01-05 16:06:34 -08:00
kevgliss
7aa5ba9c6b
Fixing an IAM syncing issue. Were duplicates were not properly sync'd… ( #638 )
...
* Fixing an IAM syncing issue. Were duplicates were not properly sync'd with Lemur. This resulted in a visibility gap. Even 'duplicates' need to sync'd to Lemur such that we can track rotation correctly. Failing on duplicates lead to missing those certificates and the endpoints onto which they were deployed. This commit removes the duplicate handling altogether.
* Fixing tests.
2017-01-04 17:46:47 -08:00
kevgliss
e5dee2d7e6
Adding additional metrics for when destinations fail to upload. ( #637 )
2016-12-28 09:52:23 -08:00
kevgliss
b0232b804e
Removing cloned date defaults. ( #636 )
2016-12-27 11:35:53 -08:00
kevgliss
de7cec35c6
Clean refactor ( #635 )
...
* Adding rotation to the UI.
* Removing spinkit dependency.
* refactoring source cleaning
2016-12-27 10:31:33 -08:00
kevgliss
700c57b807
Rotation ui ( #633 )
...
* Adding rotation to the UI.
* Removing spinkit dependency.
2016-12-26 15:55:11 -08:00
kevgliss
ce75bba2c3
Replacement refactor. ( #631 )
...
* Deprecating replacement keyword.
* Def renaming.
2016-12-26 11:09:50 -08:00
kevgliss
46f8ebd136
Modifying the way rotation works. ( #629 )
...
* Modifying the way rotation works.
* Adding docs.
* Fixing tests.
2016-12-23 13:18:42 -08:00
kevgliss
f8279d6972
Fixes a bug where pagination was incorrect. ( #628 )
2016-12-21 18:39:21 -08:00
kevgliss
072ca4da4f
Adding some additional output to rotation command. ( #627 )
2016-12-21 13:34:14 -08:00
kevgliss
8c5c30dfd4
Adding some additional output to expiration command. ( #626 )
2016-12-21 11:01:21 -08:00
kevgliss
74723d1a1f
Adding ability to modify ELBv2 endpoints. ( #624 )
2016-12-21 08:23:14 -08:00
kevgliss
cdcae4efb0
Closes #594 ( #621 )
2016-12-20 14:26:39 -08:00
kevgliss
f7c795c7f6
Closes #577 . ( #622 )
2016-12-20 14:26:29 -08:00
kevgliss
beba2ba092
Adding additional reporting and refactoring existing setup. ( #620 )
2016-12-20 12:48:14 -08:00
kevgliss
9ac10a97ce
Fix acme tests ( #619 )
...
* Ensures that in-active users are not allowed to login.
* Ensuring acme issuer loads correctly.
2016-12-19 22:59:23 -08:00
kevgliss
2f5f82d797
Ensures that in-active users are not allowed to login. ( #618 )
2016-12-19 22:58:57 -08:00
kevgliss
c7fdb2acd7
adding required variables ( #611 )
2016-12-18 18:21:22 -08:00
kevgliss
51c7216b70
Fixing configuration value. ( #610 )
...
* Fixing and configuration value.
* Pinning fake factory.
2016-12-18 18:21:12 -08:00
Marti Raudsepp
0f3ffaade0
Fall back to CN for CA name when organization is not available ( #607 )
...
In-house CAs may not have the organization field filled out.
2016-12-16 16:27:25 -08:00
kevgliss
156b98f7f0
Ensuring that rotation only happens for certificates with endpoints to rotate. ( #606 )
2016-12-15 15:20:21 -08:00
kevgliss
a09faac9a7
Endpoint sync fixes ( #604 )
2016-12-15 10:26:59 -08:00
kevgliss
d20c552248
Fixing issues with rotation. ( #603 )
...
* Fixing issues with rotation.
* Fixing tests
2016-12-14 17:30:13 -08:00
Marti Raudsepp
b327963925
Plugin base classes: update method signatures & fix raise ( #598 )
...
This way IDEs can verify method overrides in subclasses, otherwise these
are flagged as erroneous.
Changed base classes to properly raise NotImplementedError; previously
they would cause "TypeError: exceptions must derive from BaseException"
Also fixed exception handling in sources.service.clean().
2016-12-14 13:42:29 -08:00
Marti Raudsepp
1eb3d563c6
Fix error reporting for certs without private key ( #599 )
2016-12-14 13:25:56 -08:00
kevgliss
02991c70a9
Allow Lemur "start" to use the global config. ( #596 )
...
* allowing our runserver to use the config specified by -c
* Maintaining config for gunicorn
2016-12-14 13:23:50 -08:00
Marti Raudsepp
71ddbb409c
Minor documentation fixes/tweaks ( #597 )
...
Mostly typos, grammar errors and inconsistent indentation in code
examples.
Some errors detected using Topy (https://github.com/intgr/topy ), all
changes verified by hand.
2016-12-14 09:29:04 -08:00
kevgliss
565c9ae98d
adding missing init ( #587 )
2016-12-13 09:21:31 -08:00
kevgliss
03d5a6cfe1
Refactors how notifications are generated. ( #584 )
2016-12-12 11:22:49 -08:00
kevgliss
1c3ac21291
Ensuring the digicert session is handled correctly ( #579 )
2016-12-11 08:38:59 -08:00
kevgliss
968dd52f6f
Fixes ( #576 )
...
* Fixing email notification
* Adding endpoint expiration
* Fixing endpoint type for ELBs
* Allowing verisign to include additional SANs
2016-12-08 15:52:27 -08:00
kevgliss
a4b32b0d31
Fixing up notification testing ( #575 )
2016-12-08 11:33:40 -08:00
kevgliss
be1415fbd4
Ensuring new cli is available ( #574 )
2016-12-08 09:11:19 -08:00
kevgliss
b5901a1570
adding needed migration files ( #573 )
2016-12-07 17:31:59 -08:00
kevgliss
bdc6dc8683
Fixing a bug were extensions got a default value ( #572 )
2016-12-07 17:28:18 -08:00
kevgliss
5087fa67dc
skipping a few tests that aren't ready yet ( #571 )
2016-12-07 16:52:00 -08:00
kevgliss
fc205713c8
Certificate rotation enhancements ( #570 )
2016-12-07 16:24:59 -08:00
kevgliss
9adc5ad59e
Adding last updated time ( #569 )
2016-12-07 15:43:57 -08:00
kevgliss
f63ccd033d
Ensuring that endpoints without output_schema work as expected ( #568 )
2016-12-07 15:40:29 -08:00
kevgliss
00da52f32e
Ensuring that CSRs are correctly validated under python3 ( #565 )
2016-12-06 12:25:43 -08:00
kevgliss
e94cf6ddc9
Ensuring that certificates returned from digicert are in the proper format ( #564 )
2016-12-06 12:05:18 -08:00
kevgliss
81272a2f7a
Moving validation to server start. ( #563 )
2016-12-05 16:43:38 -08:00
kevgliss
e622a49b72
Adding better error handling around certificate rotation ( #562 )
2016-12-05 15:12:55 -08:00
kevgliss
9030aed8a4
Ensuring that our syncing process can find duplicate certifcates that do no need to be sync'd ( #560 )
2016-12-05 11:08:29 -08:00
kevgliss
344abbda66
fixing signature ( #556 )
2016-12-02 13:48:50 -08:00
kevgliss
834814f867
adding additional status code metrics ( #555 )
2016-12-02 13:02:59 -08:00
kevgliss
7f823a04cd
Ensuring that acme and cryptography respect different key types ( #554 )
2016-12-02 10:54:18 -08:00
kevgliss
0f5e925a1a
Ensuring that default-issuer is set ( #553 )
2016-12-02 09:54:16 -08:00
kevgliss
a40bc65fd4
Default authority. ( #549 )
...
* Enabling the specification of a default authority, if no default is found then the first available authority is selected
* PEP8
* Skipping tests relying on keytool
2016-12-01 15:42:03 -08:00
kevgliss
81bf98c746
Enabling RSA2048 and RSA4096 as available key types ( #551 )
...
* Enabling RSA2048 and RSA4096 as available key types
* Fixing re-issuance
2016-12-01 15:41:53 -08:00
kevgliss
e1bbf9d80c
Improving endpoint rotation logic ( #545 )
2016-11-30 15:11:17 -08:00
kevgliss
abb91fbb65
fixing a few minor issue with cloning ( #544 )
2016-11-30 10:54:53 -08:00
kevgliss
f9b16a2110
csr as string ( #542 )
2016-11-29 18:50:20 -08:00
kevgliss
588ac1d6a6
Digicert cis fixes ( #540 )
2016-11-29 17:15:39 -08:00
kevgliss
058d2938fb
migrating off of openssl ( #539 )
2016-11-29 11:30:44 -08:00
kevgliss
3db3214cbe
installing the digicert CIS plugin ( #537 )
2016-11-29 10:02:40 -08:00
kevgliss
bfc80f982c
minor fixes and downgrading requests ( #535 )
2016-11-28 16:50:26 -08:00
kevgliss
727bc87ede
Log fixes ( #534 )
...
* tying up some loose ends with event logging
* Ensuring creators can access
2016-11-28 14:13:16 -08:00
kevgliss
e2143d3ee8
tweaking the way data is returned ( #532 )
2016-11-28 12:29:03 -08:00
kevgliss
b46ff4158a
Initial workon the digicert high issuance api. ( #531 )
2016-11-28 10:50:58 -08:00
kevgliss
250558baf3
Ensuring that authority owners can access certificates issued by that… ( #526 )
...
* Ensuring that authority owners can access certificates issued by that authority
2016-11-25 20:35:07 -08:00
kevgliss
8e5323e2d7
migrating flask imports ( #525 )
2016-11-22 21:11:20 -08:00
kevgliss
d5d036b412
adding a work around for new gunicorn ( #523 )
2016-11-22 16:47:29 -08:00
kevgliss
9d03e75d9b
tweaking a few things to support the new marshmallow ( #522 )
2016-11-22 15:14:19 -08:00
kevgliss
06a3f3ea0d
version bump ( #520 )
2016-11-21 15:29:31 -08:00
kevgliss
12ae0a587d
teaking the way exceptions are handled ( #519 )
2016-11-21 15:26:17 -08:00
kevgliss
b3aa057d58
Upgrade deps. ( #517 )
2016-11-21 14:29:20 -08:00
kevgliss
dd6d332166
Removing python2 compatibility. ( #518 )
2016-11-21 14:03:04 -08:00
kevgliss
6eca2eb147
Re-working the way audit logs work.
...
* Adding more checks.
2016-11-21 11:28:11 -08:00
kevgliss
744e204817
Initial work on #74 . ( #514 )
...
* Initial work on #74 .
* Fixing tests.
* Adding migration script.
* Excluding migrations from coverage report.
2016-11-21 09:19:14 -08:00
kevgliss
d45e7d6b85
[WIP] - 422 elb rotate ( #493 )
...
* Initial work on certificate rotation.
* Adding ability to get additional certificate info.
* - Adding endpoint rotation.
- Removes the g requirement from all services to enable easier testing.
2016-11-18 11:27:46 -08:00
kevgliss
6fd47edbe3
Adds the ability to clone existing certificates. ( #513 )
2016-11-17 16:19:52 -08:00
kevgliss
a616310eb7
Fixing an issue were aws certificates plugins might not have a chain. ( #512 )
2016-11-17 14:47:10 -08:00
kevgliss
2130029f90
Adding new notification templates. ( #511 )
2016-11-17 14:16:59 -08:00
kevgliss
d11f254476
Closes : #469 ( #510 )
2016-11-17 12:16:30 -08:00
kevgliss
a9361fe428
Endpoints should be visible to all. ( #508 )
2016-11-17 10:45:26 -08:00
kevgliss
5345170a4f
Ensuring that the passed in configuration has precedence over the environment config. ( #507 )
2016-11-17 09:31:37 -08:00
Sakti Dwi Cahyono
520404c215
fix string -> byte conversion on python2 ( #472 )
2016-11-16 16:03:38 -08:00
kevgliss
9ac1756011
removing new 'active' logic for the time being ( #505 )
2016-11-16 15:56:24 -08:00
kevgliss
851d74da3d
Ensuring that private key is in string format before it gets stored ( #504 )
...
* Ensuring that private key is in string format before it gets stored
* Fixing failing test.
2016-11-16 15:05:25 -08:00
kevgliss
3f2691c5d4
Minor fixes. ( #502 )
2016-11-16 13:23:35 -08:00
kevgliss
eaf34b1c8b
Disabling the protect active flag ( #498 )
2016-11-16 09:31:02 -08:00
kevgliss
e9219adfb5
Ensuring model's have a basic __repr__. ( #499 )
2016-11-16 09:30:54 -08:00
kevgliss
9eddaf66cb
adding human readable string ( #500 )
2016-11-16 09:30:46 -08:00
kevgliss
0a29a3fa2a
Adding release notes. ( #459 )
2016-11-15 16:44:40 -08:00
kevgliss
9bb0787410
Ensuring that duplicates are migrated correctly. ( #496 )
...
* Ensuring that duplicates are migrated correctly.
* fixing typo
2016-11-15 16:43:45 -08:00
JohnTheodore
dd14fd202d
clean out ADMINS references ( #495 )
...
* add variables to the documentation forwq oauth2
* remove old reference to ADMINS to get rid of any confusion
2016-11-15 16:43:28 -08:00
kevgliss
114deba06e
Adding the ability to silence notifications on creation. ( #490 )
2016-11-12 09:29:42 -08:00
kevgliss
0334f1094d
fixing documentation typo ( #489 )
2016-11-11 13:35:24 -08:00
kevgliss
7af68c3cc0
Adding additional metric gathering for failed sync operations. ( #488 )
2016-11-11 13:28:01 -08:00
kevgliss
953d3a08e7
Adding example request to documentation. ( #487 )
2016-11-11 12:54:12 -08:00
kevgliss
94d619cfa6
Minor errors. ( #484 )
2016-11-10 14:34:45 -08:00
kevgliss
89470a0ce0
Adding default validity and retry logic. ( #483 )
2016-11-10 11:23:37 -08:00
kevgliss
e6b291d034
Time ( #482 )
...
* adding python 3.5 as a target
* adding env flag
* Aligning on arrow dates.
2016-11-09 10:56:22 -08:00
kevgliss
25a6c722b6
Adding digicert documentation. ( #480 )
2016-11-08 14:56:05 -08:00
kevgliss
67a5993926
fixing type in ciphers ( #479 )
2016-11-08 12:23:21 -08:00
kevgliss
aa979e31fd
Digicert plugin ( #478 )
...
* Initial work on digicert plugin.
* Adding certificate pickup, to digicert plugin.
* Removing and rotating test api key.
2016-11-07 14:40:00 -08:00
kevgliss
b74df2b3e4
Minor changes for python3. ( #477 )
2016-11-07 14:33:07 -08:00
kevgliss
4afedaf537
Fixes ( #476 )
...
* Ensures that Vault can accept bytes and strings.
* Make restricted domains optional.
* Fixing notify flag.
2016-11-04 09:16:41 -07:00