starred/dehydrated
1
0
Fork 0
mirror of https://github.com/dehydrated-io/dehydrated.git synced 2026-01-16 16:36:48 +01:00
Code Issues 79 Packages Projects Releases 10 Wiki Activity
518 Commits 5 Branches 15 Tags
6e802ddc1949f3abe5283abfc5a07822ebc94ff9
Commit Graph

73 Commits

Author SHA1 Message Date
Lukas Schauer
0211d24577 require a valid alias to be set for certain wildcard certificates (fixes #483) 2018-03-02 18:53:00 +01:00
Lukas Schauer
5940c55e18 prepared future migration to new acmev2 endpoint 2018-02-07 03:14:29 +01:00
Lukas Schauer
2eedd69ee9 request_failure hook: added http response headers as new parameter 2018-02-06 23:33:28 +01:00
Lukas Schauer
082ed17a0a added acmev2 staging information to docs 2018-02-06 21:58:42 +01:00
Lukas Schauer
dec5ad5840 read url to terms of service from ca directory 2018-02-06 21:58:42 +01:00
Lukas Schauer
83bf2664b0 added a few simple example use cases to example hook script 2018-02-06 21:13:37 +01:00
Lukas Schauer
63854b752b New hook: generate_csr (see example hook script for more information, implements #475, replaces #377) 2018-02-06 20:57:33 +01:00
Mattia Rizzolo
62d37c9b3d Fix grammer error in the manpage (fixes #466) 
"allows to" requires a subject (e.g. "allows one to"), without it's just
syntactically wrong.  Change the verb entirely to workaround the
problem.
 2018-02-06 19:14:12 +01:00
Lukas Schauer
b53cb6643b moved manpage to docs directory 2018-02-06 18:53:21 +01:00
Lukas Schauer
fb41783885 automatic discovery of remote acme api version 2018-02-05 19:20:28 +01:00
Lukas Schauer
6d02bfdb42 shrink "logo" a bit 2018-02-03 22:14:43 +01:00
Lukas Schauer
afba7c694c moved deploy_challenge to earlier loop so it works with multiple challenge tokens on the same identifier (important for wildcard certificate), fixed array-name, removed hook-chain warning 2018-01-28 19:48:25 +01:00
Pandark
471899b4d8 Add ^~ to nginx location block 
To make sure it is not overridden.
> http://nginx.org/en/docs/http/ngx_http_core_module.html#location :
> If the longest matching prefix location has the “^~” modifier then regular expressions are not checked.
 2018-01-28 06:18:10 +01:00
Lukas Schauer
0f69481e2b rewrote challenge validation to iterate over authorizations instead of altnames (fixes some acmev2 validation edgecases), also removed broken test-script (for now) 2018-01-28 06:13:37 +01:00
Martin Strobel
68cb1e0661 ACME v02 Support 2018-01-13 20:17:25 +01:00
Lukas Schauer
2adc57791c Add optional user and group configuration (fixes #434) 2017-12-18 00:35:26 +01:00
Lukas Schauer
c62f3d91fc implement certificate aliases as suggested by typingArtist (fixes #396) 2017-12-17 23:50:46 +01:00
sirrkitt
88267db7e2 Update wellknown.md 
add Hiawatha to list
 2017-12-14 00:33:11 +01:00
Lukas Schauer
58647cab65 added OPENSSL variable to example config (#414) 2017-07-18 15:46:25 +02:00
Lukas Schauer
ee75c5dca7 Initial support for fetching OCSP status to be used for OCSP stapling (as suggested in #385) 2017-07-11 00:28:36 +02:00
Lukas Schauer
60583d3ef9 added hook to run before cron command (fixes #371) 2017-07-10 21:36:10 +02:00
Lukas Schauer
e6d6882c78 added option to automatically run cleanup routine (implements #389) 2017-07-10 20:21:30 +02:00
ProBackup-nl
875c1f74e5 Add some formatting to improve human scannability (while reading) 2017-07-10 19:53:39 +02:00
Lukas Schauer
d1f215b652 fixed typos as suggested by @jwilk (closes #369) 2017-07-10 16:55:18 +02:00
Andreas Thienemann
bd57777c62 Ability to provide extra curl options 
In some situations it might be necessary to pass extra commands to
the curl binary, e.g. proxy authentication credentials.

Adds the CURL_OPTS config option.
 2017-07-10 16:44:39 +02:00
Ben Elliston
33c77e6daa Add some comments about IPv6. 2017-07-10 15:26:50 +02:00
Lukas Schauer
d685463673 implemented issuer-chain cache 2017-07-10 15:06:50 +02:00
Simon Deziel
fe17753dd5 Invoke bash through /usr/bin/env 2017-01-30 20:47:23 -05:00
Simon Deziel
27a416511f The example hook script uses bash test regex 
Use bash explictly as done for the main script.

Signed-off-by: Simon Deziel <simon.deziel@gmail.com>
 2017-01-30 20:36:19 -05:00
Lukas Schauer
e5452922e9 whitelist handlers for example hook (fixes #348) 2017-01-30 03:53:59 +01:00
Lukas Schauer
6a32f20e00 ask user to read and accept license, added register-command, fullchain.pem is now actually the full chain 2017-01-29 22:06:53 +01:00
Lukas Schauer
298a7e9aaf added exit_hook hook 2017-01-29 15:48:03 +01:00
Nicolás Kovac
81eecedc5a Fix: bash to sh notation on invalid_challenge() hook 2017-01-06 00:18:57 +01:00
nkovacne
404dc3fe0f Adding the request_failure hook (#326) 2017-01-06 00:15:51 +01:00
nkovacne
318cf2011d Adding the invalid_challenge hook (#278) 2016-12-18 20:31:08 +01:00
crza
a13e410363 Basic implementation for private key rollover (#294) 
* initial commit for PRIVATE_KEY_ROLLOVER

* fix if syntax

* rolloverkey without  timestamps

* update example config: PRIVATE_KEY_ROLLOVER

* rolloverkey creation logic updated

* updated tests. untested.

* added cleanup for rolloverkeys: if disabled, delete privkey.roll.pem
 2016-10-17 22:40:03 +02:00
Elan Ruusamäe
d62a5eeb1e fix lighttpd syntax (#299) 
at least in 1.4 the syntax is `server.modules` and it's an array.
and it's always good idea to keep trailing comma to avoid syntax errors when adding new entries.
 2016-10-17 22:11:34 +02:00
Elan Ruusamäe
83fa54cc38 examples/hook: no bashism (#300) 
use plain shell syntax,
also protect against if arguments contain spaces.
 2016-10-17 22:08:14 +02:00
leonklingele
caeed7d5e3 Make example hook.sh file executable. (#253) 
So one can easily `cp docs/examples/hook.sh .`
 2016-09-14 15:11:25 +02:00
Lukas Schauer
ec49a4433b fixed a few things after project rename 2016-09-13 20:00:43 +02:00
Lukas Schauer
64e35463cb renamed project to dehydrated and main script to dehydrated.sh 2016-09-13 19:48:27 +02:00
leonklingele
6192b33ac2 ECDSA is supported since February 10, 2016 (#260) 
Let's Encrypt will however sign all ECDSA certs with an RSA intermediate certificate.
https://letsencrypt.org/upcoming-features/
 2016-08-22 15:40:37 +02:00
leonklingele
47602dea04 Update staging doc: Let's Encrypt is no longer in beta. (#259) 2016-08-22 15:38:29 +02:00
leonklingele
3a66a7f8d2 Fix default license help text in example config (#254) 2016-08-06 15:32:53 +02:00
Lukas Schauer
ca0249c46c Update staging.md 2016-08-03 23:47:57 +02:00
Lukas Schauer
afabfff06e updated url to letsencrypt license agreement 2016-08-01 20:35:46 +02:00
Lukas Schauer
194464b04b Default WELLKNOWN location is now /var/www/letsencrypt 
With this change private and public files are now separated by default.
 2016-07-20 17:04:25 +02:00
chkhanu
364bcccf74 Added option to select IP version of name to address resolution (#231) 2016-07-20 16:49:04 +02:00
Lukas Schauer
2042b177c7 modified lighttpd example config 2016-06-10 23:41:59 +02:00
Domen Puncer Kugler
ae98ff6767 Add Lighttpd example to wellknown.md (#224) 2016-06-08 01:49:50 +02:00