Infra/lemur
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
3,758 Commits 4 Branches 45 Tags
Commit Graph

1835 Commits

Author SHA1 Message Date
Neil Schelly
1b6f88f6fd Fixing handling of adding custom OIDs in UI (#653) 
* is_critical wasn't in the schema, so was getting dropped.
* isCritical in the Javascript wasn't getting assigned if it was unchecked. Now, it will be assumed false if missing.
* The display of critical or not in the list of added custom OIDs was unclear when it was just true/false with no heading. Now it will be displayed as critical or nothing instead.
* The namespace for the checkbox for isCritical was wrong, and didn't get processed with the oid/type/value variables.
 2017-01-18 14:20:44 -08:00
Neil Schelly
25340fd744 Combining Authority Key Identifier extension options in the schema. (#651) 
* Combining Authority Key Identifier extension options in the schema.
This makes processing them in the cert/csr generation stage make more sense because they are two options in the same x.509 extension. They were already in the same part of the schema for authorities, but this makes the certificates follow the same pattern, and it allows them to share the same schema/validation layout.

* Updating schema tests to match changes

* Fixing an idiot typo

* I promise to stop using Travis as a typo-corrector soon.
 2017-01-18 14:16:19 -08:00
Neil Schelly
7f2b44db04 Correcting grammar for subca ValidationError message for clarity (#657) 2017-01-18 12:34:16 -08:00
kevgliss
d67b6c6120 Chains are not always a given. (#645) 2017-01-08 17:27:50 -08:00
kevgliss
83128f3019 Fixing elb sync issues. (#641) 
* Fixing elb sync issues.

* Fixing de-duplications of names.
 2017-01-05 16:06:34 -08:00
kevgliss
7aa5ba9c6b Fixing an IAM syncing issue. Were duplicates were not properly sync'd… (#638) 
* Fixing an IAM syncing issue. Were duplicates were not properly sync'd with Lemur. This resulted in a visibility gap. Even 'duplicates' need to sync'd to Lemur such that we can track rotation correctly. Failing on duplicates lead to missing those certificates and the endpoints onto which they were deployed. This commit removes the duplicate handling altogether.

* Fixing tests.
 2017-01-04 17:46:47 -08:00
kevgliss
e5dee2d7e6 Adding additional metrics for when destinations fail to upload. (#637) 2016-12-28 09:52:23 -08:00
kevgliss
b0232b804e Removing cloned date defaults. (#636) 2016-12-27 11:35:53 -08:00
kevgliss
de7cec35c6 Clean refactor (#635) 
* Adding rotation to the UI.

* Removing spinkit dependency.

* refactoring source cleaning
 2016-12-27 10:31:33 -08:00
kevgliss
700c57b807 Rotation ui (#633) 
* Adding rotation to the UI.

* Removing spinkit dependency.
 2016-12-26 15:55:11 -08:00
kevgliss
ce75bba2c3 Replacement refactor. (#631) 
* Deprecating replacement keyword.

* Def renaming.
 2016-12-26 11:09:50 -08:00
kevgliss
46f8ebd136 Modifying the way rotation works. (#629) 
* Modifying the way rotation works.

* Adding docs.

* Fixing tests.
 2016-12-23 13:18:42 -08:00
kevgliss
f8279d6972 Fixes a bug where pagination was incorrect. (#628) 2016-12-21 18:39:21 -08:00
kevgliss
072ca4da4f Adding some additional output to rotation command. (#627) 2016-12-21 13:34:14 -08:00
kevgliss
8c5c30dfd4 Adding some additional output to expiration command. (#626) 2016-12-21 11:01:21 -08:00
kevgliss
74723d1a1f Adding ability to modify ELBv2 endpoints. (#624) 2016-12-21 08:23:14 -08:00
kevgliss
cdcae4efb0 Closes #594 (#621) 2016-12-20 14:26:39 -08:00
kevgliss
f7c795c7f6 Closes #577. (#622) 2016-12-20 14:26:29 -08:00
kevgliss
beba2ba092 Adding additional reporting and refactoring existing setup. (#620) 2016-12-20 12:48:14 -08:00
kevgliss
9ac10a97ce Fix acme tests (#619) 
* Ensures that in-active users are not allowed to login.

* Ensuring acme issuer loads correctly.
 2016-12-19 22:59:23 -08:00
kevgliss
2f5f82d797 Ensures that in-active users are not allowed to login. (#618) 2016-12-19 22:58:57 -08:00
kevgliss
c7fdb2acd7 adding required variables (#611) 2016-12-18 18:21:22 -08:00
kevgliss
51c7216b70 Fixing configuration value. (#610) 
* Fixing and configuration value.

* Pinning fake factory.
 2016-12-18 18:21:12 -08:00
Marti Raudsepp
0f3ffaade0 Fall back to CN for CA name when organization is not available (#607) 
In-house CAs may not have the organization field filled out.
 2016-12-16 16:27:25 -08:00
kevgliss
156b98f7f0 Ensuring that rotation only happens for certificates with endpoints to rotate. (#606) 2016-12-15 15:20:21 -08:00
kevgliss
a09faac9a7 Endpoint sync fixes (#604) 2016-12-15 10:26:59 -08:00
kevgliss
d20c552248 Fixing issues with rotation. (#603) 
* Fixing issues with rotation.

* Fixing tests
 2016-12-14 17:30:13 -08:00
Marti Raudsepp
b327963925 Plugin base classes: update method signatures & fix raise (#598) 
This way IDEs can verify method overrides in subclasses, otherwise these
are flagged as erroneous.

Changed base classes to properly raise NotImplementedError; previously
they would cause "TypeError: exceptions must derive from BaseException"

Also fixed exception handling in sources.service.clean().
 2016-12-14 13:42:29 -08:00
Marti Raudsepp
1eb3d563c6 Fix error reporting for certs without private key (#599) 2016-12-14 13:25:56 -08:00
kevgliss
02991c70a9 Allow Lemur "start" to use the global config. (#596) 
* allowing our runserver to use the config specified by -c

* Maintaining config for gunicorn
 2016-12-14 13:23:50 -08:00
Marti Raudsepp
71ddbb409c Minor documentation fixes/tweaks (#597) 
Mostly typos, grammar errors and inconsistent indentation in code
examples.

Some errors detected using Topy (https://github.com/intgr/topy), all
changes verified by hand.
 2016-12-14 09:29:04 -08:00
kevgliss
565c9ae98d adding missing init (#587) 2016-12-13 09:21:31 -08:00
kevgliss
03d5a6cfe1 Refactors how notifications are generated. (#584) 2016-12-12 11:22:49 -08:00
kevgliss
1c3ac21291 Ensuring the digicert session is handled correctly (#579) 2016-12-11 08:38:59 -08:00
kevgliss
968dd52f6f Fixes (#576) 
* Fixing email notification

* Adding endpoint expiration

* Fixing endpoint type for ELBs

* Allowing verisign to include additional SANs
 2016-12-08 15:52:27 -08:00
kevgliss
a4b32b0d31 Fixing up notification testing (#575) 2016-12-08 11:33:40 -08:00
kevgliss
be1415fbd4 Ensuring new cli is available (#574) 2016-12-08 09:11:19 -08:00
kevgliss
b5901a1570 adding needed migration files (#573) 2016-12-07 17:31:59 -08:00
kevgliss
bdc6dc8683 Fixing a bug were extensions got a default value (#572) 2016-12-07 17:28:18 -08:00
kevgliss
5087fa67dc skipping a few tests that aren't ready yet (#571) 2016-12-07 16:52:00 -08:00
kevgliss
fc205713c8 Certificate rotation enhancements (#570) 2016-12-07 16:24:59 -08:00
kevgliss
9adc5ad59e Adding last updated time (#569) 2016-12-07 15:43:57 -08:00
kevgliss
f63ccd033d Ensuring that endpoints without output_schema work as expected (#568) 2016-12-07 15:40:29 -08:00
kevgliss
00da52f32e Ensuring that CSRs are correctly validated under python3 (#565) 2016-12-06 12:25:43 -08:00
kevgliss
e94cf6ddc9 Ensuring that certificates returned from digicert are in the proper format (#564) 2016-12-06 12:05:18 -08:00
kevgliss
81272a2f7a Moving validation to server start. (#563) 2016-12-05 16:43:38 -08:00
kevgliss
e622a49b72 Adding better error handling around certificate rotation (#562) 2016-12-05 15:12:55 -08:00
kevgliss
9030aed8a4 Ensuring that our syncing process can find duplicate certifcates that do no need to be sync'd (#560) 2016-12-05 11:08:29 -08:00
kevgliss
344abbda66 fixing signature (#556) 2016-12-02 13:48:50 -08:00
kevgliss
834814f867 adding additional status code metrics (#555) 2016-12-02 13:02:59 -08:00