Commit Graph

1956 Commits

Author SHA1 Message Date
Marti Raudsepp e24a94d798 Enforce that PEM strings (certs, keys, CSR) are internally passed as str, not bytes
This was already true in most places but not 100%, leading to lots of redundant checks and conversions.
2019-01-30 18:11:24 +02:00
Curtis e475d90e2e
Merge branch 'master' into master 2019-01-30 07:20:44 -08:00
Curtis c60b712523
Merge pull request #2408 from hosseinsh/master
Resolving the 2 years error from UI during cert creation
2019-01-30 07:19:06 -08:00
Hossein Shafagh 81e5abd23d Merge branch 'master' of https://github.com/rmoesbergen/lemur into rmoesbergen-master 2019-01-29 17:17:30 -08:00
Hossein Shafagh e5ddf08f48
Merge branch 'master' into master 2019-01-29 16:37:29 -08:00
Hossein Shafagh 7f4f4ffded
Merge branch 'master' into master 2019-01-29 16:30:15 -08:00
Hossein Shafagh 48ad20faca moving the 2 year validity issue to the Verisign plugin, and address it there 2019-01-29 16:17:08 -08:00
Curtis 0a392b7bac
Merge pull request #2436 from castrapel/password_noninteractive
allowing create_user with noninteractive PW;updating reqs
2019-01-29 15:34:14 -08:00
Curtis 1e708bf1c7
Merge branch 'master' into password_noninteractive 2019-01-29 15:21:34 -08:00
Curtis 753ae3cbaf
Merge pull request #2396 from intgr/expose-cert-distinguished-name
Expose full certificate RFC 4514 Distinguished Name string
2019-01-29 15:21:12 -08:00
Curtis Castrapel d2317acfc5 allowing create_user with noninteractive PW;updating reqs 2019-01-29 15:17:40 -08:00
Curtis 29638c7f3b
Merge branch 'master' into master 2019-01-29 14:59:55 -08:00
Curtis 93021a5d89
Merge branch 'master' into expose-cert-distinguished-name 2019-01-29 14:56:31 -08:00
Curtis 7fb97ef4e5
Merge pull request #2432 from alwaysjolley/cfssl_authsign
Adding support for cfssl auth mode signing
2019-01-29 14:56:17 -08:00
alwaysjolley c68a9cf80a fixing linting issues 2019-01-29 11:10:56 -05:00
alwaysjolley 254a3079f2 fix whitespace 2019-01-29 11:01:55 -05:00
alwaysjolley b4d1b80e04 Adding support for cfssl auth mode signing 2019-01-29 10:13:44 -05:00
sirferl c77ccdf46e
Merge branch 'master' into ADCS-plugin 2019-01-28 17:57:46 +01:00
Hossein Shafagh c47fa0f9a2 adjusting the tests to reflect on the new full year convert limit! 2019-01-24 17:52:22 -08:00
Hossein Shafagh a9724e7383 Resolving the 2 years error from UI during cert creation:
Though a CA would accept two year validity, we were getting error for being beyond 2 years.
This is because our current conversion is just current date plus 2 years,
1/25/2019 + 2 years ==> 1/25/2019
This is more strictly seen two years and 1 day extra, violating the 2 year's limit.
2019-01-24 17:23:40 -08:00
Marti Raudsepp 4b893ab5b4 Expose full certificate RFC 4514 Distinguished Name string
Using rfc4514_string() method added in cryptography version 2.5.
2019-01-23 10:03:40 +02:00
Ronald Moesbergen 4c4fbf3e48 Implement certificates delete API call by marking a cert as 'deleted' in the database. Only certificates that have expired can be deleted. 2019-01-21 10:25:28 +01:00
Ronald Moesbergen cb35f19d6c Add 'delete_cert' to enum log_type in logs table 2019-01-21 10:22:03 +01:00
Curtis 4842bb0880
Merge pull request #2376 from castrapel/fix_letsencrypt_sans
Fix letsencrypt sans
2019-01-17 15:21:18 -08:00
Curtis Castrapel d689f5cda3 Fix LetsEncrypt for duplicate CN/SAN 2019-01-17 14:59:57 -08:00
Curtis Castrapel 0336d68ee2 Merge remote-tracking branch 'upstream/master' 2019-01-17 14:56:12 -08:00
Curtis Castrapel 7f88c24e83 Fix LetsEncrypt Dyn flow for duplicate CN/SAN 2019-01-17 14:56:04 -08:00
Curtis 3022af4410
Merge pull request #2367 from hosseinsh/master
fixing-lemur-authorities-CN-filtering
2019-01-15 08:15:59 -08:00
Hossein Shafagh d3284a4006 adjusting the query to filter authorities based on matching CN 2019-01-14 17:52:06 -08:00
Hossein Shafagh f9618def0b Merge branch 'master' of github.com:Netflix/lemur 2019-01-14 17:45:35 -08:00
Curtis cbfdd0c531
Merge pull request #2360 from Netflix/compare_cert_hashes
Compare certificate hashes
2019-01-14 13:48:43 -08:00
Curtis Castrapel 3567a768d5 Compare certificate hashes to determine if Lemur already has a synced certificate 2019-01-14 13:35:55 -08:00
Curtis 2c545aa4bc
Merge pull request #2359 from castrapel/db_cert_filtering_2
Reduce the expense of joins during cert query
2019-01-14 10:11:28 -08:00
Curtis 757b99e6e5
Merge branch 'master' into db_cert_filtering_2 2019-01-14 09:35:32 -08:00
Curtis Castrapel 31a86687e7 Reduce the expense of joins 2019-01-14 09:20:02 -08:00
Curtis 42ffeda90d
Merge pull request #2358 from castrapel/db_cert_filtering
Optimize DB cert filtering
2019-01-14 08:25:50 -08:00
Curtis Castrapel c4e6e7c59b Optimize DB cert filtering 2019-01-14 08:02:27 -08:00
Curtis 5ebfba26d7
Merge pull request #2338 from castrapel/more_retries
Be more forgiving to throttling
2019-01-11 11:40:08 -08:00
Curtis 638a8450a3
Merge branch 'master' into more_retries 2019-01-11 11:25:00 -08:00
Curtis Castrapel 0e02e6da79 Be more forgiving to throttling 2019-01-11 11:13:43 -08:00
Hossein Shafagh 5118681cb5
Merge pull request #2269 from intgr/verify-cert-private-key
Check that stored private keys match certificates
2019-01-10 17:01:34 -08:00
Curtis 1570cdb5d4
Merge branch 'master' into verify-cert-private-key 2019-01-10 09:50:57 -08:00
Curtis 7b70719ea7
Merge pull request #2326 from castrapel/upreq-11019
Update requirements
2019-01-10 09:38:20 -08:00
Curtis Castrapel 3ee12cc50b Update requirements 2019-01-10 09:26:15 -08:00
Hossein Shafagh cb42685322 Merge branch 'intgr-verify-cert-private-key' 2019-01-09 16:31:56 -08:00
sirferl a1ca61d813 changed a too long comment 2019-01-09 09:50:26 +01:00
Curtis 707affec01
Merge branch 'master' into ADCS-plugin 2019-01-08 10:59:19 -08:00
Curtis cdf9a53a40
Merge branch 'master' into verify-cert-private-key 2019-01-08 10:53:28 -08:00
Curtis 3637410327
Merge pull request #2290 from bby-bishopclark/patch-1
Update index.rst
2019-01-08 10:52:56 -08:00
Curtis 7bc95ba6ee
Merge branch 'master' into patch-1 2019-01-08 10:51:29 -08:00