Commit Graph

636 Commits

Author SHA1 Message Date
Lukas Schauer 9827a411b3 removed instructions for importing from "official" client (certbot) as it probably doesn't work anymore and there isn't really much use for it anyway 2020-04-28 21:29:24 +02:00
Lukas Schauer 4a55f93896 fix link to wiki in documentation (fixes #690) 2020-04-28 21:27:49 +02:00
Lukas Schauer a07c8d14f6 reworked dependency check and moved it up a bit in code (fixes #715, resolves #717 again...) 2020-04-28 21:25:08 +02:00
Lukas Schauer 42047fdf11 added changelog 2020-04-28 21:10:22 +02:00
Lukas Schauer 76d7e31981 added note about newline encoded in accounts directory hashes (resolves #730) 2020-04-28 21:03:55 +02:00
Lukas Schauer 4fd4d4d3c2 temporarily store raw curl version output to fix check (fixes #717) 2020-04-28 20:58:46 +02:00
Lukas Schauer 229f7186a6 store errorcode while using KEEP_GOING (fixes #659) 2020-04-28 20:39:04 +02:00
Lukas Schauer 4b7a1e4ce6 report issues with hook scripts instead of silently exiting (fixes #733, fixes #686) 2020-04-28 20:13:03 +02:00
Lukas Schauer 871efe653b skip exit_hook in _exiterr if KEEP_GOING is enabled (fixes #686) 2020-04-28 18:36:02 +02:00
Rogdham dbb0ef1ce1 Move from account ID to account URL
We store the account URL on account creation in the account_id.json file.

When reading the file, if the attribute is missing, we retrieve the account URL
from the CA ( https://tools.ietf.org/html/rfc8555#section-7.3.1 ) and edit the
file.

Per https://tools.ietf.org/html/rfc8555#section-7.3
> The server returns this account object in a 201 (Created) response, with the
> account URL in a Location header field.  The account URL is used as the "kid"
> value in the JWS authenticating subsequent requests by this account (see
> Section 6.2).  The account URL is also used for requests for management
> actions on this account, as described below.
2020-04-03 09:16:30 +02:00
Lukas Schauer fcfb077a95 redirect output of cert expiry check (fixes #713) 2020-04-02 12:44:40 +02:00
Lukas Schauer bc9344392a fixed typo (closes #712) 2020-04-02 12:23:09 +02:00
Lukas Schauer 5b7c898b63 only show order processing/pending message when waiting 2020-04-02 12:15:17 +02:00
Rogdham 58bd926e30 Don't assume order status to be valid
Per https://tools.ietf.org/html/rfc8555#section-7.1.3

> status (required, string):  The status of this order.  Possible values are
> "pending", "ready", "processing", "valid", and "invalid".  See Section 7.1.6.
2020-04-02 12:09:27 +02:00
Rogdham c8333f5a56 Fix challenge response POST body in ACMEv2
Per https://tools.ietf.org/html/rfc8555#section-7.5.1

> The client indicates to the server that it is ready for the challenge
> validation by sending an empty JSON body ("{}") carried in a POST
> request to the challenge URL (not the authorization URL).
2020-03-30 21:34:43 +02:00
Lukas Schauer 307eaadddf updated notice about move 2020-01-30 22:51:25 +01:00
Lukas Schauer dfffb1b88b added note about moving the repository 2020-01-30 01:45:17 +01:00
Lukas Schauer e2eeaf7ec6 added funding.yml 2019-11-11 22:46:13 +01:00
Lukas Schauer 946e5712ba fixed small logic bug 2019-10-09 02:05:54 +02:00
Lukas Schauer 018254974c Merge tag 'v0.6.5' 2019-07-06 19:25:32 +02:00
Lukas Schauer 05eda91a2f release 0.6.5 (fixed apiv1 compatibility...) v0.6.5 2019-06-26 12:33:35 +02:00
Lukas Schauer f60f2f81e8 release 0.6.5 (fixed apiv1 compatibility...) 2019-06-26 12:29:39 +02:00
Lukas Schauer 4f358e22f4 release 0.6.4 (fixed account id handling, again) v0.6.4 2019-06-25 15:28:09 +02:00
Lukas Schauer f9d0b1bd70 release 0.6.3 v0.6.3 2019-06-25 12:50:45 +02:00
Lukas Schauer be13dcd454 fixed fetching of account information (fixes #652, fixes #647, fixes #650, closes #648) 2019-06-25 12:19:20 +02:00
Lukas Schauer 74a536c161 added documentation about possible future removal of api version 1 2019-03-04 23:23:40 +01:00
Lukas Schauer 444cea4669 Revert "cleanup: removed api version 1 support (closes #510)"
Since a few CAs out there actually seem to (only) support ACME v1 I
decided to revert the removal and keep ACME v1 around, at least until
it eventually becomes a bigger inconvenience to maintain.

This reverts commit aadf7d5e64.
2019-03-04 23:11:07 +01:00
Lukas Schauer ea93170959 BSD bugfixes for version command (closes #619) 2019-03-03 21:51:01 +01:00
Lukas Schauer 133e31de0b tiny documentation fix: per-certificate-config can override PRIVATE_KEY_ROLLOVER (closes #614) 2019-03-03 20:38:47 +01:00
Lukas Schauer aadf7d5e64 cleanup: removed api version 1 support (closes #510) 2019-03-03 20:32:10 +01:00
Lukas Schauer e4a32acbe2 new hook: sync_cert (closes #609) 2019-03-03 20:22:41 +01:00
Lukas Schauer 1c77730373 call exit_hook with error message (fixes #630) 2019-03-03 20:08:18 +01:00
Lukas Schauer e623fcc024 implement POST-as-GET (closes #626) 2019-03-03 20:00:13 +01:00
Lukas Schauer 585ed5404b updated oid for tls-alpn verification token (fixes #624) 2019-01-18 13:25:57 +01:00
Lukas Schauer 92aa1ecd5a document DOMAINS_D parameter in example config (fixes #575, closes #582) 2018-10-20 13:05:20 +02:00
Lukas Schauer 5783a2dd45 fixed a bug that resulted in a deleted domains.txt when using incorrect parameters in combination with signcsr (fixes #597) 2018-10-20 12:27:23 +02:00
Lukas Schauer fba49ba28e implemented initial support for tls-alpn-01 verification 2018-07-26 04:44:29 +02:00
Lukas Schauer 10d4b98e7f Only match Replace-Nonce header at beginning of line 2018-05-09 21:01:57 +02:00
Florent e4e712c03a Fixes #559 : when HTTP/2 is used, header names are lower case. So adding ignore case option (-i) to grep's. 2018-05-09 21:00:05 +02:00
Lukas Schauer 2a8af8fda7 made ocsp refresh interval configurable 2018-05-07 03:31:43 +02:00
Lukas Schauer 9165cfdebf added dns-txt-foo to troubleshooting.md 2018-05-01 17:54:13 +02:00
Lukas Schauer b5dddd7a2b prepare for next version 2018-04-27 13:08:44 +02:00
Lukas Schauer ce3d658377 release 0.6.2 v0.6.2 2018-04-25 23:22:40 +02:00
Lukas Schauer 89de83c994 add explanation on HEADERS parameter to request_failure hook (fixes #545) 2018-04-25 22:48:16 +02:00
Lukas Schauer 52c2c19994 added workaround for use with advanced filesystem ACLs (as originally suggested in #467) 2018-04-20 02:55:07 +02:00
Tobias Tiederle 53c458c318 fix parameter 2018-04-15 16:08:30 +02:00
Lukas Schauer ba5928776f fix behaviour for fetching missing additional account information with unknown keys 2018-04-13 22:09:52 +02:00
Lukas Schauer dff7d4ea35 allow registration using cli-specified private key (#534) 2018-04-13 21:34:11 +02:00
Lukas Schauer 0262997451 also call clean_challenge hook for http-01 challenges (fixes #536) 2018-04-13 20:59:27 +02:00
Lukas Schauer 8ba56a8048 renamed ocsp hook to deploy_ocsp, exported altnames, added example hook 2018-04-08 22:44:28 +02:00