acmed

Commit Graph

Author	SHA1	Message	Date
Rodolphe Breard	6177fffb7e	ACMEd 0.5.0	6 years ago
Rodolphe Breard	c06cb6aad7	Add env variable definition in the global section	6 years ago
Rodolphe Breard	8444f34f55	Improve the basic certificate config example	6 years ago
Rodolphe Breard	d24c78ee17	Allow to configure per-domain environment variables	6 years ago
Rodolphe Breard	dd2c2f9888	Document the default hooks	6 years ago
Rodolphe Breard	626921271b	Fix the tls-alpn-01-tacd-unix hook name	6 years ago
Rodolphe Breard	8d9ef17e1c	Allow to configure environment variables for a given certificate Sometimes, you want hooks to use different parameters depending on the certificate. In order to achieve this, it is now now possible to configure environment variables at certificate scope. Thanks to this, the default hooks have been rewrote in order to use cover more use cases.	6 years ago
Rodolphe Breard	03850d20e6	Add environment variables to hook templates	6 years ago
Rodolphe Breard	73df1bb951	Allow tacd to listen on a unix socket	6 years ago
Rodolphe Breard	b7c3e4d381	Add default hooks	6 years ago
Rodolphe Breard	7eed211434	Allow the config file to include other files	6 years ago
Rodolphe Breard	2eff6cd799	Display a warning when fetching order or an authorization Orders and authorization can both contain an error which can, for example, help an user to fix a broken hook. It is therefore very useful to display it. Plus, when pooling one of those objects, having an error does not mean we should stop pooling since the error may be temporary.	6 years ago
Rodolphe Breard	03b24a0a55	Update dependencies before building	6 years ago
Rodolphe Breard	d1d393f7a6	ACMEd 0.4.0	6 years ago
Rodolphe Breard	cd391ffdaf	Fix the OpenSSL time parsing ACMEd was not able to parse some possible time representation, which could cause a certificate not being renewed at all. This commit support all current known outputs. https://github.com/openssl/openssl/blob/master/crypto/asn1/a_time.c	6 years ago
Rodolphe Breard	d0783970c8	Renew a certificate that does not include all domains At some point, someone may add new domains to an existing certificate. In such case, this certificate should be renewed as soon as possible instead of upon expiration.	6 years ago
Rodolphe Breard	a59a909cc6	Format code	6 years ago
Rodolphe Breard	a0e3c80e51	Add the is_clean_hook variable to challenge hooks	6 years ago
Rodolphe Breard	2d5e3969e1	Add the is_success variable to post-operation hooks	6 years ago
Rodolphe Breard	65b97800c1	Fix the man build	6 years ago
Rodolphe Breard	d334f5ff2e	Fix the Makefile install path	6 years ago
Rodolphe Breard	ed9bd8aaf2	Fix a typo	6 years ago
Rodolphe Breard	36fc78d619	Update the changelog	6 years ago
Rodolphe Breard	5e252d8b17	Forbid unknown configuration fields If a configuration field has a typo in its name, the configuration should show an error message instead of silently ignoring this field, which could create unwanted behavior.	6 years ago
Rodolphe Breard	d71f4ff405	Add tests for rustc 1.33.0	6 years ago
Rodolphe Breard	548f96e18c	Remove the undocumented ChallengeHookData::algorithm field	6 years ago
Rodolphe Breard	bc3bbd9c91	Allow to customize installation directories	6 years ago
Rodolphe Breard	f2e048c15c	Add a Makefile	6 years ago
Rodolphe Breard	c6037861f4	Improve the http-01-echo example If someone used the example the way it was defined, file-access issues may arise. This new example add two new hooks to fix it. The example should now work in most environment although the path may need to be adapted.	6 years ago
Rodolphe Breard	e0d260ca8c	Add man pages Documentation is a crucial point for every project, and the most effective and traditional way to document a program is to write man page. Here, the mdoc is used because it is simple. Because the documentation is quite different from the project itself, the man pages and others helpful files are distributed under a different license. For this usage, the GNU All-Permissive License is adequate. https://www.gnu.org/prep/maintain/html_node/License-Notices-for-Other-Files.html man 7 groff_mdoc	6 years ago
Rodolphe Breard	1c65795e2b	Add build instruction for Debian-based systems	6 years ago
Rodolphe Breard	04fe98be75	Fix the example config file	6 years ago
Rodolphe Breard	163bb86d5d	Remove the now unused challenge field in the example config file	6 years ago
Rodolphe Breard	c5c372071f	Update the CHANGELOG	6 years ago
Rodolphe Breard	ed547f6a46	Update the README	6 years ago
Rodolphe Breard	0e15cc69e4	Fix the syntax error in the example configuration file	6 years ago
Rodolphe Breard	80e91cecd1	v0.3.0	6 years ago
Rodolphe Breard	6067f52c7e	Add tacd to the CHANGELOG	6 years ago
Rodolphe Breard	8a0dd48cbd	Merge branch 'root_cert'	6 years ago
Rodolphe Breard	644484cb31	Change the hook and domains definitions The previous system was too limited when it comes to flexibility using hooks. This limitation came from the false idea that, for a given certificate, all challenges must be validated with the same method. In order to prove that false, domains in a certificate can now make use of any challenge type available. In order to be more flexible, hooks are now given a type and are defined in the same registry (instead of 6). Each one will be called when considered relevant based on its type.	6 years ago
Rodolphe Breard	447d1f848f	Add an option to specify new trusted root certificates Sometimes, it is not possible to use certificates signed by a known certificate authority. Hence, in order to prevent a TLS error, it is required to explicitly add a new trusted root certificate. This is the case with Pebble, which provides the certificate. https://github.com/letsencrypt/pebble#avoiding-client-https-errors	6 years ago
Rodolphe Breard	b8aa782dd2	Use the native openssl methods for SAN construction The openssl crate does support having multiple DNS entries in the SAN extension, there is no need to re-implement it.	6 years ago
Rodolphe Breard	c632f952ed	Support OpenSSL 1.0 AlpnError::ALERT_FATAL has been added in OpenSSL 1.1.0, hence build will fail on any previous version. This commit allows older versions to fall back to AlpnError::NOACK instead.	6 years ago
Rodolphe Breard	261e0e50fd	Change the Ubuntu distribution for Travis CI By default, Travis CI builds and run the tests on Ubuntu 14.04 LTS (Trusty Tahr), which has OpenSSL 1.0.1f. Unfortunately, This version of OpenSSL does not support TLS-ALPN, which has been added in 1.0.2. In order for the tests to run, it is required to upgrade at least to Ubuntu 16.04 LTS (Xenial Xerus). https://docs.travis-ci.com/user/reference/overview/ https://docs.travis-ci.com/user/reference/xenial/ https://packages.ubuntu.com/xenial/openssl	6 years ago
Rodolphe Breard	2fc4eef60c	Add tacd, a daemon for the tls-alpn-01 challenge ACMEd should and will remain as simple as possible and let the user alone take care of the challenge validation. However, this philosophy does not forbid the project itself to distribute additional tools that are designed to improve the user experience. Because the TLS-ALPN ecosystem is currently very slim, adding tacd is really benefic to ACMEd.	6 years ago
Rodolphe Breard	eb7bc09134	Move the logs to the acme_common lib	6 years ago
Rodolphe Breard	d549c3db5a	Move the daemonize role to acme_common	6 years ago
Rodolphe Breard	83563ad950	Add the Clone trait to Error	6 years ago
Rodolphe Breard	a0d8944682	Move common items to a dedicated lib In a near future, ACMEd will be composed of several binaries which will use some common functions and structures.	6 years ago
Rodolphe Breard	406bcd94d5	Update the README path	6 years ago

1 2 3

144 Commits (6c6f76a811dabacfdd37d09efe937e0684f0c66e) All Branches Search

144 Commits (6c6f76a811dabacfdd37d09efe937e0684f0c66e)

All Branches