acmed

Commit Graph

Author	SHA1	Message	Date
Rodolphe Breard	2f39e798d1	Add Unix style globing for config file inclusion Close #6	4 years ago
Rodolphe Breard	25450aebbf	Implement IP identifiers RFC 8738: https://tools.ietf.org/html/rfc8738	4 years ago
Rodolphe Breard	62db048a46	Allow to define a custom delay for renewal	4 years ago
Rodolphe Breard	582593de29	Allow to specify the account key type and signature alg in the config	4 years ago
Rodolphe Breard	a5b59e7ba1	Refactor the Makefile The previous version of the Makefile used features which are specific to GNU Make and therefore does not works on BSD systems. This new version, which is much more simpler, works both on GNU Make and BSD Make (tested on FreeBSD 12.1).	4 years ago
Rodolphe Breard	f2e23b20fd	ACMEd v0.9.0	4 years ago
Rodolphe Breard	d7693fc95f	Update the change log	4 years ago
Rodolphe Breard	501b1aa9d8	Replace `reqwest` by `attohttpc` `reqwest` is a very good crate, however ACMEd does not require most of its functionalities. For this job, `attohttpc` is also great and comes with much less dependencies. rel #1	4 years ago
Rodolphe Breard	da12bf93ba	Add support for user and groups names	4 years ago
Rodolphe Breard	942d0a9ba7	ACMEd v0.8.0	4 years ago
Rodolphe Breard	26ce6fdf40	Refactor the HTTP back-end The previous HTTP back-end was tightly coupled with the threads, which was very inconvenient. It is now completely decoupled so a new threading model may be implemented.	4 years ago
rollniak	4b51b40a44	`Make install` now work with the busybox toolchain.	5 years ago
Rodolphe Breard	8be37b7fc6	ACMEd v0.7.0	5 years ago
Rodolphe Breard	39430009ac	Add internationalized domain names support	5 years ago
Rodolphe Breard	9eda92662d	Allow --pid-file to be used with --foreground The PID file is now always written whether or not ACMEd is running in the foreground. Previously, it was written only when running in the background. Fix #7	5 years ago
Rodolphe Breard	e338469b7a	Fix the type of the externalAccountRequired field	5 years ago
Rodolphe Breard	e6ff3b97ba	Replace * by _ in file names	5 years ago
Rodolphe Breard	8752b0d1d5	ACMEd v0.6.1	5 years ago
Rodolphe Breard	f9a71cbde6	Fix the "foregroung" typo I made the typo once and then copy/pasted it everywhere.	5 years ago
Rodolphe Breard	bdb0dcd05f	Update the change log	5 years ago
Rodolphe Breard	f2be8baebe	ACMEd 0.6.0	6 years ago
Rodolphe Breard	1e6aba52dc	Add rate limits for HTTPS requests	6 years ago
Rodolphe Breard	1cffa14c20	Renew certificates in parallel	6 years ago
Rodolphe Breard	08c9410028	Improve the logging format In order to renew different certificate at the same time, log messages must display which certificate they are referring to.	6 years ago
Rodolphe Breard	4303ed61d7	Allow to give a file path in a hook's stdin There is use-cases where a command's standard input should be filled with a file's content. In order to stay consistent with the names of the other fields, `stdin` is now the field which accepts such a path. `stdin_str` has been created in order to also support the use of a raw string.	6 years ago
Rodolphe Breard	75f79bcef5	Clean the hooks right after the current challenge has been validated Cleaning hooks after the certificate has been retrieved is a mistake since a failure somewhere in the process will prevent all called hook to be cleaned. With the current implementation, only the currently failed hook is left without being cleaned.	6 years ago
Rodolphe Breard	b31a689b26	Fix the http-01-echo default hook	6 years ago
Rodolphe Breard	9c497994d8	Add an option to stop or continue after a failed hook	6 years ago
Rodolphe Breard	6177fffb7e	ACMEd 0.5.0	6 years ago
Rodolphe Breard	c06cb6aad7	Add env variable definition in the global section	6 years ago
Rodolphe Breard	d24c78ee17	Allow to configure per-domain environment variables	6 years ago
Rodolphe Breard	8d9ef17e1c	Allow to configure environment variables for a given certificate Sometimes, you want hooks to use different parameters depending on the certificate. In order to achieve this, it is now now possible to configure environment variables at certificate scope. Thanks to this, the default hooks have been rewrote in order to use cover more use cases.	6 years ago
Rodolphe Breard	03850d20e6	Add environment variables to hook templates	6 years ago
Rodolphe Breard	73df1bb951	Allow tacd to listen on a unix socket	6 years ago
Rodolphe Breard	7eed211434	Allow the config file to include other files	6 years ago
Rodolphe Breard	2eff6cd799	Display a warning when fetching order or an authorization Orders and authorization can both contain an error which can, for example, help an user to fix a broken hook. It is therefore very useful to display it. Plus, when pooling one of those objects, having an error does not mean we should stop pooling since the error may be temporary.	6 years ago
Rodolphe Breard	d1d393f7a6	ACMEd 0.4.0	6 years ago
Rodolphe Breard	cd391ffdaf	Fix the OpenSSL time parsing ACMEd was not able to parse some possible time representation, which could cause a certificate not being renewed at all. This commit support all current known outputs. https://github.com/openssl/openssl/blob/master/crypto/asn1/a_time.c	6 years ago
Rodolphe Breard	d0783970c8	Renew a certificate that does not include all domains At some point, someone may add new domains to an existing certificate. In such case, this certificate should be renewed as soon as possible instead of upon expiration.	6 years ago
Rodolphe Breard	a0e3c80e51	Add the is_clean_hook variable to challenge hooks	6 years ago
Rodolphe Breard	2d5e3969e1	Add the is_success variable to post-operation hooks	6 years ago
Rodolphe Breard	36fc78d619	Update the changelog	6 years ago
Rodolphe Breard	e0d260ca8c	Add man pages Documentation is a crucial point for every project, and the most effective and traditional way to document a program is to write man page. Here, the mdoc is used because it is simple. Because the documentation is quite different from the project itself, the man pages and others helpful files are distributed under a different license. For this usage, the GNU All-Permissive License is adequate. https://www.gnu.org/prep/maintain/html_node/License-Notices-for-Other-Files.html man 7 groff_mdoc	6 years ago
Rodolphe Breard	c5c372071f	Update the CHANGELOG	6 years ago
Rodolphe Breard	80e91cecd1	v0.3.0	6 years ago
Rodolphe Breard	6067f52c7e	Add tacd to the CHANGELOG	6 years ago
Rodolphe Breard	644484cb31	Change the hook and domains definitions The previous system was too limited when it comes to flexibility using hooks. This limitation came from the false idea that, for a given certificate, all challenges must be validated with the same method. In order to prove that false, domains in a certificate can now make use of any challenge type available. In order to be more flexible, hooks are now given a type and are defined in the same registry (instead of 6). Each one will be called when considered relevant based on its type.	6 years ago
Rodolphe Breard	0a7deb4cdc	Add tls-alpn-01 challenge support Although the standardization is still a draft, this challenge is already supported by Let's Encrypt. https://datatracker.ietf.org/doc/draft-ietf-acme-tls-alpn/	6 years ago
Rodolphe Breard	2c7b716584	Retry request rejected with a recoverable error Some errors, like the badNonce one, are recoverable. Hence, the client is expected to retry. ACMEd will now re-send the associated request until it succeed or the max retries number is reached. Each retry is preceded by a small waiting time in order to let the server recover in case it was faulty.	6 years ago
Rodolphe Breard	e66b5a5254	Use account objects instead of an email field Defining an account solely by an email address is not the best strategy since the ACME protocol does not require it and also allows for more contacts information. Although this commit does not change the "one email" policy, it sets the bases so it could evolve in the future.	6 years ago

1 2

59 Commits (f640688a3b40ab2c0c2c8c8ca7e9d56c64b1e663)