Rodolphe Breard
1ab5b4012e
Use the correct algorithm and hash function for JWK signatures
Since there is currently no possibility to chose a different account key
type, the current implementation only supports the ES256 algorithm. With
the upcoming support of different key types, it had to be changed. This
commit add support for ES384 although there is no configuration option
that can activate the actual use of it through account keys using the
NIST P-384 curve.
4 years ago
Rodolphe Breard
9246550551
Update the CONTRIBUTING.md file
rel #2 and #33
4 years ago
Rodolphe Breard
88f83bafe4
Prepare the Cargo.toml files for a different crypto library
4 years ago
Rodolphe Breard
a5b59e7ba1
Refactor the Makefile
The previous version of the Makefile used features which are specific to
GNU Make and therefore does not works on BSD systems. This new version,
which is much more simpler, works both on GNU Make and BSD Make (tested
on FreeBSD 12.1).
4 years ago
Rodolphe Breard
f2e23b20fd
ACMEd v0.9.0
4 years ago
Rodolphe Breard
c91cb82f07
Move the example service file into the contrib directory
4 years ago
Rodolphe Breard
d7693fc95f
Update the change log
4 years ago
Rodolphe Breard
3c21019cb5
Update the nix that dependabot forgot
4 years ago
Rodolphe Bréard
d75b332d0d
Merge pull request #32 from breard-r/dependabot/cargo/nix-0.18
Update nix requirement from 0.17 to 0.18
4 years ago
Rodolphe Bréard
62026d82e3
Merge pull request #31 from magiclen/master
Fix the conflicts_with setting of the `acme-ext-file` option
4 years ago
dependabot-preview[bot]
c8a2b3d37f
Update nix requirement from 0.17 to 0.18
Updates the requirements on [nix](https://github.com/nix-rust/nix ) to permit the latest version.
- [Release notes](https://github.com/nix-rust/nix/releases )
- [Changelog](https://github.com/nix-rust/nix/blob/master/CHANGELOG.md )
- [Commits](https://github.com/nix-rust/nix/compare/v0.17.0...v0.18.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
4 years ago
Magic Len
b25d01823a
Fix the conflicts_with setting of the `acme-ext-file` option
4 years ago
Rodolphe Breard
09d01eefb5
Remove openssl calls from the acmed crate
The TLS library is encapsulated by acme_common.
5 years ago
Rodolphe Breard
501b1aa9d8
Replace `reqwest` by `attohttpc`
`reqwest` is a very good crate, however ACMEd does not require most of
its functionalities. For this job, `attohttpc` is also great and comes
with much less dependencies.
rel #1
5 years ago
Rodolphe Breard
094a9cea4e
Update the CONTRIBUTING.md file
5 years ago
Rodolphe Breard
c8c4c7c919
Require Rust 1.40
The base64 does not compile on Rust 1.39 anymore.
https://travis-ci.org/github/breard-r/acmed/builds/700636061
5 years ago
Rodolphe Breard
22d5081a3b
Move the docker build script into a `contrib` directory
rel #23
5 years ago
Rodolphe Bréard
669f13dbce
Merge pull request #23 from dbrgn/docker-build
Add build-docker.sh script
5 years ago
Rodolphe Breard
1297c6547f
Update the acmed.toml man page
5 years ago
Rodolphe Breard
803ff6f16d
List new planned features in the README
5 years ago
Rodolphe Breard
d2b46b538a
Add the link to a relevant PR in the CONTRIBUTING.md file
5 years ago
Rodolphe Breard
ff1500d15d
Fix issue link
5 years ago
Rodolphe Breard
a4e0ccfa51
Correctly handle certificate expiration on openssl
The `openssl` crate now include methods to manipulate Asn1Time objects.
Before this improvement, the certificate had to be parsed from the DER
format using the `x509-parser` crate (which is therefore no longer
required).
https://github.com/sfackler/rust-openssl/pull/1173
https://github.com/sfackler/rust-openssl/issues/687
5 years ago
Rodolphe Breard
cb5309ca00
Update the contribution suggestions on dependencies
5 years ago
Rodolphe Breard
da12bf93ba
Add support for user and groups names
5 years ago
Rodolphe Breard
21a133a778
Fix the Travis-CI configuration
5 years ago
Rodolphe Breard
6a7c33d9cc
Improve the FAQ readability
5 years ago
Rodolphe Breard
942d0a9ba7
ACMEd v0.8.0
5 years ago
Rodolphe Breard
5a06631e05
Cleanup the code
5 years ago
Rodolphe Breard
41f2bda7d3
Format the code correctly
5 years ago
Rodolphe Breard
c498cadb14
Add threads based on endpoints
Each endpoint can safely renew its certificates at the same time as
other endpoints. Hence, this operation is now done within a new thread
for each endpoint.
5 years ago
Rodolphe Breard
ef74e6c542
Update the README
5 years ago
Rodolphe Breard
3c3dbc3c6c
Update the minimal Rust version
ACMEd can no longer compile on Rust 1.28 and lower because of the
`ucd-trie` dependency.
5 years ago
Rodolphe Breard
2222b99226
Bring the rate limit back
5 years ago
Rodolphe Breard
d80ad4af9d
Merge branch 'master' of github.com:breard-r/acmed
5 years ago
Rodolphe Breard
26ce6fdf40
Refactor the HTTP back-end
The previous HTTP back-end was tightly coupled with the threads, which
was very inconvenient. It is now completely decoupled so a new threading
model may be implemented.
5 years ago
Rodolphe Breard
7ed6be48db
Update the x509-parser dependency
5 years ago
Rodolphe Breard
bfac454b92
Update the syslog dependency
5 years ago
Rodolphe Breard
b288f2b32c
Add an independent endpoint structure
Having the data relative to the endpoint in the certificate structure
makes no sense. There is no way to share it across certificates which is
sometimes needed. Also, having the other part of the endpoint data
(mostly nonce and rate limit) in different places makes it difficult to
maintain.
Hence, the endpoint structure has been created. For now it is quite
simple and does not handle every aspects of the endpoint, but this will
be implemented in the future.
5 years ago
Rodolphe Bréard
5a3d249c44
Merge pull request #27 from dbrgn/log-domains
Log certificate domains before and after renewal
5 years ago
Rodolphe Bréard
49eccdcf82
Merge pull request #30 from dbrgn/systemd
Add example systemd service file
5 years ago
Rodolphe Bréard
c09a860590
Merge pull request #28 from dbrgn/doc-cert-identification
Document how certificates are identified
5 years ago
Rodolphe Breard
52973b4b9e
Remove the PID file after exit
Fix #25
5 years ago
Rodolphe Breard
70db8e6dd9
Prevent unnecessary creation of a PID file
When running in foreground, a PID file should be created only if
the `--pid-file` option is specified.
Rel #25
5 years ago
Rodolphe Breard
eccac72460
Fix the default PID file name
5 years ago
Rodolphe Bréard
3603979ad2
Merge pull request #26 from dbrgn/manpage-fixes
Manpage fixes
5 years ago
Danilo Bargen
fad514c1ee
Add example systemd service file
5 years ago
Danilo Bargen
70d013254f
Document how certificates are identified
5 years ago
Danilo Bargen
3e49c938ea
Remove trailing period from logs
Some logs contain a trailing period, some don't. Since they don't add
any information, I removed them for more consistency.
5 years ago
Danilo Bargen
972dd4d4be
Log certificate domains before and after renewal
Right now only the id is logged as a prefix (e.g. crt-3), so it's not
possible to easily determine *which* certificate was renewed, or failed
to renew.
5 years ago