acmed

Commit Graph

Author	SHA1	Message	Date
Rodolphe Breard	913199c106	Update the Rust versions in the CI	4 years ago
Rodolphe Breard	f520c05544	Update the base64 dependency	4 years ago
Rodolphe Breard	44c6f99456	ACMEd v0.12.0	4 years ago
Rodolphe Breard	1d80066c56	Improve the build system	4 years ago
Rodolphe Breard	82674904c1	Allow to specify a target in the Makefile	4 years ago
Rodolphe Breard	41d343eeaa	Remove the acme_common build script's warning	4 years ago
Rodolphe Breard	8c0d208fe5	Add the `openssl_vendored` feature rel #4	4 years ago
Rodolphe Breard	9ec48e7e03	Add the `root_certificates` parameter Being able to define root certificates in the command line is not enough for two reasons: 1. It is always global, you cannot define a root certificate for a specific endpoint. 2. Daemon scripts and unit files are not meant to be changed every time you need to add a root certificate. For those reasons, it is now to possible to define root certificates in the configuration. Those defined in the `global` section will be used on every endpoint, just like those added via the command line. Those defined in an endpoint will be used in this endpoint only.	4 years ago
Rodolphe Breard	48179d19ed	Refactor the JWS protected header generation	4 years ago
Rodolphe Breard	d1901bea91	Update the CONTRIBUTING.md file	4 years ago
Rodolphe Breard	b75b8ba9f7	Prepare the code for an OpenSSL replacement The part of code that are specific to OpenSSL are now included only if the openssl feature is activated. The generic parts of code included in OpenSSL specific files has been moved out.	4 years ago
Rodolphe Breard	d1a344a171	Reorder the Cargo.toml	4 years ago
Rodolphe Breard	fc71b90822	Include packaging in the CONTRIBUTING.md file	4 years ago
Rodolphe Breard	d9fdc8cb08	Fix the man pages syntax	4 years ago
Rodolphe Breard	de6561cd24	ACMEd v0.12.0	4 years ago
Rodolphe Breard	0db5e6898f	Stop to require the `orders` field on account creation RFC 8555 states that: - when an account is successfully created, the server "returns this account object" (section 7.3); - the `orders` field in account objects is mandatory (section 7.1.2). Despite that, Boulder does not returns the `orders` field when an account is created. This non-standard behavior prevented ACMEd from creating account and testing them for existence. In order to allow ACMEd to retrieve certificates from CAs using Boulder, the `orders` field is no longer mandatory and the account existence is tested when the order is requested. https://github.com/letsencrypt/boulder/issues/3335	4 years ago
Rodolphe Breard	0c8b0d3e53	Log HTTP responses and POST requests	4 years ago
Rodolphe Breard	8477d927a1	Add support for NIST P-521 curve and ES512 signatures	4 years ago
Rodolphe Breard	53a6eff1eb	Fix the new order request	4 years ago
Rodolphe Breard	1a1c1bed91	Allow to specify subject attributes for certificates	4 years ago
Rodolphe Breard	2dee1cce4c	Remove nonce scoping from the planned features	4 years ago
Rodolphe Breard	0456737458	ACMEd v0.11.0	4 years ago
Rodolphe Breard	2e526f63e2	Update the CHANGELOG	4 years ago
Rodolphe Breard	3c173bcf13	Create a new account if the external account has changed	4 years ago
Rodolphe Breard	bb47e04558	Improve the binary's long version	4 years ago
Rodolphe Breard	1267e09ecb	Dynamically retrieve the OpenSSL version	4 years ago
Rodolphe Breard	51ff3fb9f8	Fix the test_account_new test	4 years ago
Rodolphe Breard	8c116f0b55	Add external account binding	4 years ago
Rodolphe Breard	875a403485	Add the b64_decode function	4 years ago
Rodolphe Breard	45ca322ea6	Add the HS256, HS384 and HS512 signature algorithms	4 years ago
Rodolphe Breard	30517d8b54	Add the HMAC computation in the HashFunction API	4 years ago
Rodolphe Breard	4eb0423da3	Reformat log messages	4 years ago
Rodolphe Breard	35fc59f761	Remove the signature algorithm from the key hash The key hash is responsible for the initiation of a key rollover on endpoints. Therefore, it should differ only when such an action is required, which is only if the key pair has changed. For this, hashing the public key is sufficient. Adding the signature algorithm will generate unnecessary key rollovers.	4 years ago
Rodolphe Breard	f44d95e7b1	Remove the -D option from install In the Makefile, `make install` is used to create missing directories and install files into them. Until now, the -D option was used for this job. However, FreeBSD as an implementation of the install command that differs about this option. In order to remain compatible with FreeBSD, the -D option has been removed and replace by prior directory creation using the -d option, which is common to (most?) implementations. https://www.freebsd.org/cgi/man.cgi?query=install https://man.openbsd.org/install https://linux.die.net/man/1/install	4 years ago
Rodolphe Breard	b340ac778d	Make the account hooks optional	4 years ago
Rodolphe Breard	dc0603b9e7	Update the Travis CI configuration The `dist: xenial` has been added because, at the time, build was done using an old version of Ubuntu including an unsupported version of OpenSSL. Now that Xenial is the default build version, this option should be removed. See commit `261e0e50fd`	4 years ago
Rodolphe Breard	220f580d90	Use libc::time_t instead of i64 The use of i64 causes troubles in architectures that doesn't defines time_t as an i64. Fixes #37	4 years ago
Rodolphe Breard	04841e1773	Fix the account key rollover	4 years ago
Rodolphe Breard	8b2a32d671	Re-create accounts dropped by the endpoint The previous commit added a small regression: if an account has been dropped by the endpoint, it was not re-created. This commit fixes this.	4 years ago
Rodolphe Breard	9b12e88ae1	Allow accounts to be updated The previous strategy for accounts management on endpoints was to send an account creation request every time in order to retrieve the account URL. Although it works on most cases, the contact information or key update wasn't handled correctly. The only drawback of this new way of managing accounts is that, if the endpoints drops the account, ACMEd will fail to renew any certificate for this account on this endpoint. Previously, it would have simply created a new account. This should be fixed soon.	4 years ago
Rodolphe Breard	a9603528f4	Add questions about parallelization in the FAQ	4 years ago
Rodolphe Breard	51cfd49f08	Refactor the account management Until now, the account management was archaic and it was impossible to improve it without this heavy refactoring. Accounts are now disjoint from both certificates and endpoints. They have their own hooks and their own environment variables. They are stored in a binary file instead of the PEM exports of the private and public keys. This refactoring will allow account management to evolve into something more serious, with real key rollover, contact information update and so on.	4 years ago
Rodolphe Breard	32c1e986af	Fix invalid link in the CONTRIBUTING file	4 years ago
Rodolphe Breard	04a95dad26	Update the CONTRIBUTING file	4 years ago
Rodolphe Breard	69739d4703	Create a dedicated FileManager struct The certificate struct was bloated with file management data which therefore required the certificate to be passed in every storage function. In order to clean this, a new FileManager struct has been created.	4 years ago
Rodolphe Breard	3b7f41a7e8	Update the README	4 years ago
Rodolphe Breard	f126ee22d0	ACMEd v0.10.0	4 years ago
Rodolphe Breard	64e7d80f7c	Improve the CHANGELOG	4 years ago
Rodolphe Breard	a1ff1f6181	Raise a descriptive error for invalid identifier specifications An identifier must have one and only one type field (`dns` or `ip`). Rel #24	4 years ago
Rodolphe Breard	53d55af96e	Improve the FAQ	4 years ago

1 2 3 4 5 ...

317 Commits (913199c10674d26338d09b3d971d7484a069a0f2) All Branches Search

317 Commits (913199c10674d26338d09b3d971d7484a069a0f2)

All Branches