Commit Graph

2510 Commits

Author SHA1 Message Date
Hossein Shafagh 8e93d007be
Merge branch 'master' into get_by_attributes 2019-02-01 16:48:50 -08:00
Hossein Shafagh 6705a0e030
Merge branch 'master' into ADCS-plugin 2019-02-01 16:38:39 -08:00
Hossein Shafagh 73ac1591e0
Merge pull request #2337 from intgr/enforce-certs-pkeys-are-str
Enforce that PEM strings (certs, keys, CSR) are internally passed as str, not bytes
2019-02-01 16:30:25 -08:00
sirferl 36ab1c0bec
Merge branch 'master' into ADCS-plugin 2019-02-01 19:10:46 +01:00
Marti Raudsepp e24a94d798 Enforce that PEM strings (certs, keys, CSR) are internally passed as str, not bytes
This was already true in most places but not 100%, leading to lots of redundant checks and conversions.
2019-01-30 18:11:24 +02:00
Curtis e475d90e2e
Merge branch 'master' into master 2019-01-30 07:20:44 -08:00
Curtis c60b712523
Merge pull request #2408 from hosseinsh/master
Resolving the 2 years error from UI during cert creation
2019-01-30 07:19:06 -08:00
Hossein Shafagh 81e5abd23d Merge branch 'master' of https://github.com/rmoesbergen/lemur into rmoesbergen-master 2019-01-29 17:17:30 -08:00
Hossein Shafagh e5ddf08f48
Merge branch 'master' into master 2019-01-29 16:37:29 -08:00
Hossein Shafagh 7f4f4ffded
Merge branch 'master' into master 2019-01-29 16:30:15 -08:00
Hossein Shafagh 48ad20faca moving the 2 year validity issue to the Verisign plugin, and address it there 2019-01-29 16:17:08 -08:00
Curtis 0a392b7bac
Merge pull request #2436 from castrapel/password_noninteractive
allowing create_user with noninteractive PW;updating reqs
2019-01-29 15:34:14 -08:00
Curtis 1e708bf1c7
Merge branch 'master' into password_noninteractive 2019-01-29 15:21:34 -08:00
Curtis 753ae3cbaf
Merge pull request #2396 from intgr/expose-cert-distinguished-name
Expose full certificate RFC 4514 Distinguished Name string
2019-01-29 15:21:12 -08:00
Curtis Castrapel d2317acfc5 allowing create_user with noninteractive PW;updating reqs 2019-01-29 15:17:40 -08:00
Curtis 29638c7f3b
Merge branch 'master' into master 2019-01-29 14:59:55 -08:00
Curtis 93021a5d89
Merge branch 'master' into expose-cert-distinguished-name 2019-01-29 14:56:31 -08:00
Curtis 7fb97ef4e5
Merge pull request #2432 from alwaysjolley/cfssl_authsign
Adding support for cfssl auth mode signing
2019-01-29 14:56:17 -08:00
alwaysjolley c68a9cf80a fixing linting issues 2019-01-29 11:10:56 -05:00
alwaysjolley 254a3079f2 fix whitespace 2019-01-29 11:01:55 -05:00
alwaysjolley b4d1b80e04 Adding support for cfssl auth mode signing 2019-01-29 10:13:44 -05:00
sirferl c77ccdf46e
Merge branch 'master' into ADCS-plugin 2019-01-28 17:57:46 +01:00
Hossein Shafagh c47fa0f9a2 adjusting the tests to reflect on the new full year convert limit! 2019-01-24 17:52:22 -08:00
Hossein Shafagh a9724e7383 Resolving the 2 years error from UI during cert creation:
Though a CA would accept two year validity, we were getting error for being beyond 2 years.
This is because our current conversion is just current date plus 2 years,
1/25/2019 + 2 years ==> 1/25/2019
This is more strictly seen two years and 1 day extra, violating the 2 year's limit.
2019-01-24 17:23:40 -08:00
Marti Raudsepp 4b893ab5b4 Expose full certificate RFC 4514 Distinguished Name string
Using rfc4514_string() method added in cryptography version 2.5.
2019-01-23 10:03:40 +02:00
Ronald Moesbergen 4c4fbf3e48 Implement certificates delete API call by marking a cert as 'deleted' in the database. Only certificates that have expired can be deleted. 2019-01-21 10:25:28 +01:00
Ronald Moesbergen cb35f19d6c Add 'delete_cert' to enum log_type in logs table 2019-01-21 10:22:03 +01:00
Curtis 4842bb0880
Merge pull request #2376 from castrapel/fix_letsencrypt_sans
Fix letsencrypt sans
2019-01-17 15:21:18 -08:00
Curtis Castrapel d689f5cda3 Fix LetsEncrypt for duplicate CN/SAN 2019-01-17 14:59:57 -08:00
Curtis Castrapel 0336d68ee2 Merge remote-tracking branch 'upstream/master' 2019-01-17 14:56:12 -08:00
Curtis Castrapel 7f88c24e83 Fix LetsEncrypt Dyn flow for duplicate CN/SAN 2019-01-17 14:56:04 -08:00
Curtis 3022af4410
Merge pull request #2367 from hosseinsh/master
fixing-lemur-authorities-CN-filtering
2019-01-15 08:15:59 -08:00
Hossein Shafagh d3284a4006 adjusting the query to filter authorities based on matching CN 2019-01-14 17:52:06 -08:00
Hossein Shafagh f9618def0b Merge branch 'master' of github.com:Netflix/lemur 2019-01-14 17:45:35 -08:00
Curtis cbfdd0c531
Merge pull request #2360 from Netflix/compare_cert_hashes
Compare certificate hashes
2019-01-14 13:48:43 -08:00
Curtis Castrapel 3567a768d5 Compare certificate hashes to determine if Lemur already has a synced certificate 2019-01-14 13:35:55 -08:00
Curtis 2c545aa4bc
Merge pull request #2359 from castrapel/db_cert_filtering_2
Reduce the expense of joins during cert query
2019-01-14 10:11:28 -08:00
Curtis 757b99e6e5
Merge branch 'master' into db_cert_filtering_2 2019-01-14 09:35:32 -08:00
Curtis Castrapel 31a86687e7 Reduce the expense of joins 2019-01-14 09:20:02 -08:00
Curtis 42ffeda90d
Merge pull request #2358 from castrapel/db_cert_filtering
Optimize DB cert filtering
2019-01-14 08:25:50 -08:00
Curtis Castrapel c4e6e7c59b Optimize DB cert filtering 2019-01-14 08:02:27 -08:00
Curtis 5ebfba26d7
Merge pull request #2338 from castrapel/more_retries
Be more forgiving to throttling
2019-01-11 11:40:08 -08:00
Curtis 638a8450a3
Merge branch 'master' into more_retries 2019-01-11 11:25:00 -08:00
Curtis Castrapel 0e02e6da79 Be more forgiving to throttling 2019-01-11 11:13:43 -08:00
Hossein Shafagh 5118681cb5
Merge pull request #2269 from intgr/verify-cert-private-key
Check that stored private keys match certificates
2019-01-10 17:01:34 -08:00
Curtis 1570cdb5d4
Merge branch 'master' into verify-cert-private-key 2019-01-10 09:50:57 -08:00
Curtis 7b70719ea7
Merge pull request #2326 from castrapel/upreq-11019
Update requirements
2019-01-10 09:38:20 -08:00
Curtis Castrapel 3ee12cc50b Update requirements 2019-01-10 09:26:15 -08:00
Hossein Shafagh cb42685322 Merge branch 'intgr-verify-cert-private-key' 2019-01-09 16:31:56 -08:00
sirferl a1ca61d813 changed a too long comment 2019-01-09 09:50:26 +01:00