starred/dehydrated
1
0
Fork 0
mirror of https://github.com/dehydrated-io/dehydrated.git synced 2026-03-11 21:05:21 +01:00
Code Issues 79 Packages Projects Releases 10 Wiki Activity
578 Commits 5 Branches 15 Tags
871efe653bac0a36d4e2be145b88d01295b3e71d
Commit Graph

578 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Lukas Schauer
871efe653b skip exit_hook in _exiterr if KEEP_GOING is enabled (fixes #686) 2020-04-28 18:36:02 +02:00
Rogdham
dbb0ef1ce1 Move from account ID to account URL 
We store the account URL on account creation in the account_id.json file.

When reading the file, if the attribute is missing, we retrieve the account URL
from the CA ( https://tools.ietf.org/html/rfc8555#section-7.3.1 ) and edit the
file.

Per https://tools.ietf.org/html/rfc8555#section-7.3
> The server returns this account object in a 201 (Created) response, with the
> account URL in a Location header field.  The account URL is used as the "kid"
> value in the JWS authenticating subsequent requests by this account (see
> Section 6.2).  The account URL is also used for requests for management
> actions on this account, as described below.
 2020-04-03 09:16:30 +02:00
Lukas Schauer
fcfb077a95 redirect output of cert expiry check (fixes #713) 2020-04-02 12:44:40 +02:00
Lukas Schauer
bc9344392a fixed typo (closes #712) 2020-04-02 12:23:09 +02:00
Lukas Schauer
5b7c898b63 only show order processing/pending message when waiting 2020-04-02 12:15:17 +02:00
Rogdham
58bd926e30 Don't assume order status to be valid 
Per https://tools.ietf.org/html/rfc8555#section-7.1.3

> status (required, string):  The status of this order.  Possible values are
> "pending", "ready", "processing", "valid", and "invalid".  See Section 7.1.6.
 2020-04-02 12:09:27 +02:00
Rogdham
c8333f5a56 Fix challenge response POST body in ACMEv2 
Per https://tools.ietf.org/html/rfc8555#section-7.5.1

> The client indicates to the server that it is ready for the challenge
> validation by sending an empty JSON body ("{}") carried in a POST
> request to the challenge URL (not the authorization URL).
 2020-03-30 21:34:43 +02:00
Lukas Schauer
307eaadddf updated notice about move 2020-01-30 22:51:25 +01:00
Lukas Schauer
dfffb1b88b added note about moving the repository 2020-01-30 01:45:17 +01:00
Lukas Schauer
e2eeaf7ec6 added funding.yml 2019-11-11 22:46:13 +01:00
Lukas Schauer
946e5712ba fixed small logic bug 2019-10-09 02:05:54 +02:00
Lukas Schauer
018254974c Merge tag 'v0.6.5' 2019-07-06 19:25:32 +02:00
Lukas Schauer
05eda91a2f release 0.6.5 (fixed apiv1 compatibility...) v0.6.5 2019-06-26 12:33:35 +02:00
Lukas Schauer
f60f2f81e8 release 0.6.5 (fixed apiv1 compatibility...) 2019-06-26 12:29:39 +02:00
Lukas Schauer
4f358e22f4 release 0.6.4 (fixed account id handling, again) v0.6.4 2019-06-25 15:28:09 +02:00
Lukas Schauer
f9d0b1bd70 release 0.6.3 v0.6.3 2019-06-25 12:50:45 +02:00
Lukas Schauer
be13dcd454 fixed fetching of account information (fixes #652, fixes #647, fixes #650, closes #648) 2019-06-25 12:19:20 +02:00
Lukas Schauer
74a536c161 added documentation about possible future removal of api version 1 2019-03-04 23:23:40 +01:00
Lukas Schauer
444cea4669 Revert "cleanup: removed api version 1 support (closes #510)" 
Since a few CAs out there actually seem to (only) support ACME v1 I
decided to revert the removal and keep ACME v1 around, at least until
it eventually becomes a bigger inconvenience to maintain.

This reverts commit aadf7d5e64.
 2019-03-04 23:11:07 +01:00
Lukas Schauer
ea93170959 BSD bugfixes for version command (closes #619) 2019-03-03 21:51:01 +01:00
Lukas Schauer
133e31de0b tiny documentation fix: per-certificate-config can override PRIVATE_KEY_ROLLOVER (closes #614) 2019-03-03 20:38:47 +01:00
Lukas Schauer
aadf7d5e64 cleanup: removed api version 1 support (closes #510) 2019-03-03 20:32:10 +01:00
Lukas Schauer
e4a32acbe2 new hook: sync_cert (closes #609) 2019-03-03 20:22:41 +01:00
Lukas Schauer
1c77730373 call exit_hook with error message (fixes #630) 2019-03-03 20:08:18 +01:00
Lukas Schauer
e623fcc024 implement POST-as-GET (closes #626) 2019-03-03 20:00:13 +01:00
Lukas Schauer
585ed5404b updated oid for tls-alpn verification token (fixes #624) 2019-01-18 13:25:57 +01:00
Lukas Schauer
92aa1ecd5a document DOMAINS_D parameter in example config (fixes #575, closes #582) 2018-10-20 13:05:20 +02:00
Lukas Schauer
5783a2dd45 fixed a bug that resulted in a deleted domains.txt when using incorrect parameters in combination with signcsr (fixes #597) 2018-10-20 12:27:23 +02:00
Lukas Schauer
fba49ba28e implemented initial support for tls-alpn-01 verification 2018-07-26 04:44:29 +02:00
Lukas Schauer
10d4b98e7f Only match Replace-Nonce header at beginning of line 2018-05-09 21:01:57 +02:00
Florent
e4e712c03a Fixes #559 : when HTTP/2 is used, header names are lower case. So adding ignore case option (-i) to grep's. 2018-05-09 21:00:05 +02:00
Lukas Schauer
2a8af8fda7 made ocsp refresh interval configurable 2018-05-07 03:31:43 +02:00
Lukas Schauer
9165cfdebf added dns-txt-foo to troubleshooting.md 2018-05-01 17:54:13 +02:00
Lukas Schauer
b5dddd7a2b prepare for next version 2018-04-27 13:08:44 +02:00
Lukas Schauer
ce3d658377 release 0.6.2 v0.6.2 2018-04-25 23:22:40 +02:00
Lukas Schauer
89de83c994 add explanation on HEADERS parameter to request_failure hook (fixes #545) 2018-04-25 22:48:16 +02:00
Lukas Schauer
52c2c19994 added workaround for use with advanced filesystem ACLs (as originally suggested in #467) 2018-04-20 02:55:07 +02:00
Tobias Tiederle
53c458c318 fix parameter 2018-04-15 16:08:30 +02:00
Lukas Schauer
ba5928776f fix behaviour for fetching missing additional account information with unknown keys 2018-04-13 22:09:52 +02:00
Lukas Schauer
dff7d4ea35 allow registration using cli-specified private key (#534) 2018-04-13 21:34:11 +02:00
Lukas Schauer
0262997451 also call clean_challenge hook for http-01 challenges (fixes #536) 2018-04-13 20:59:27 +02:00
Lukas Schauer
8ba56a8048 renamed ocsp hook to deploy_ocsp, exported altnames, added example hook 2018-04-08 22:44:28 +02:00
Ike Johnson
2fca309e94 Add ocsp_update hook 
In relation to issue #513
 2018-04-08 22:31:56 +02:00
Daniel Molkentin
13b8a3f29f fix date in man page 2018-04-08 22:21:33 +02:00
Lukas Schauer
a67816468a also run request_failure and invalid_challenge when HOOK_CHAIN is defined (fixes #450) 2018-04-08 22:18:30 +02:00
Lukas Schauer
ea46aee44f fixed cleanup for invalid challenges 2018-04-08 22:18:16 +02:00
Lukas Schauer
537877a0e2 allow for widely-used non-standard CSR label (fixes #488) 2018-03-26 00:00:50 +02:00
Lukas Schauer
981179a770 hail hydra! 🐙 2018-03-24 16:18:01 +01:00
Lukas Schauer
ff18d39aa8 strip validationRecord from challenge before grepping for "url" string... (fixes #515) 2018-03-18 20:12:04 +01:00
John L. Villalovos
7c40c727a0 Improve documentation on wildcards 
Improve the documentation on how to use wildcard domains.

Also give more examples in the docs/examples/domains.txt file.
 2018-03-17 13:27:15 +01:00