e6d6882c78
added option to automatically run cleanup routine (implements #389 )
2017-07-10 20:21:30 +02:00
875c1f74e5
Add some formatting to improve human scannability (while reading)
2017-07-10 19:53:39 +02:00
d1f215b652
fixed typos as suggested by @jwilk ( closes #369 )
2017-07-10 16:55:18 +02:00
bd57777c62
Ability to provide extra curl options
...
In some situations it might be necessary to pass extra commands to
the curl binary, e.g. proxy authentication credentials.
Adds the CURL_OPTS config option.
2017-07-10 16:44:39 +02:00
33c77e6daa
Add some comments about IPv6.
2017-07-10 15:26:50 +02:00
d685463673
implemented issuer-chain cache
2017-07-10 15:06:50 +02:00
fe17753dd5
Invoke bash through /usr/bin/env
2017-01-30 20:47:23 -05:00
27a416511f
The example hook script uses bash test regex
...
Use bash explictly as done for the main script.
Signed-off-by: Simon Deziel <simon.deziel@gmail.com >
2017-01-30 20:36:19 -05:00
e5452922e9
whitelist handlers for example hook ( fixes #348 )
2017-01-30 03:53:59 +01:00
6a32f20e00
ask user to read and accept license, added register-command, fullchain.pem is now actually the full chain
2017-01-29 22:06:53 +01:00
298a7e9aaf
added exit_hook hook
2017-01-29 15:48:03 +01:00
81eecedc5a
Fix: bash to sh notation on invalid_challenge() hook
2017-01-06 00:18:57 +01:00
404dc3fe0f
Adding the request_failure hook ( #326 )
2017-01-06 00:15:51 +01:00
318cf2011d
Adding the invalid_challenge hook ( #278 )
2016-12-18 20:31:08 +01:00
a13e410363
Basic implementation for private key rollover ( #294 )
...
* initial commit for PRIVATE_KEY_ROLLOVER
* fix if syntax
* rolloverkey without timestamps
* update example config: PRIVATE_KEY_ROLLOVER
* rolloverkey creation logic updated
* updated tests. untested.
* added cleanup for rolloverkeys: if disabled, delete privkey.roll.pem
2016-10-17 22:40:03 +02:00
d62a5eeb1e
fix lighttpd syntax ( #299 )
...
at least in 1.4 the syntax is `server.modules` and it's an array.
and it's always good idea to keep trailing comma to avoid syntax errors when adding new entries.
2016-10-17 22:11:34 +02:00
83fa54cc38
examples/hook: no bashism ( #300 )
...
use plain shell syntax,
also protect against if arguments contain spaces.
2016-10-17 22:08:14 +02:00
caeed7d5e3
Make example hook.sh file executable. ( #253 )
...
So one can easily `cp docs/examples/hook.sh .`
2016-09-14 15:11:25 +02:00
ec49a4433b
fixed a few things after project rename
2016-09-13 20:00:43 +02:00
64e35463cb
renamed project to dehydrated and main script to dehydrated.sh
2016-09-13 19:48:27 +02:00
6192b33ac2
ECDSA is supported since February 10, 2016 ( #260 )
...
Let's Encrypt will however sign all ECDSA certs with an RSA intermediate certificate.
https://letsencrypt.org/upcoming-features/
2016-08-22 15:40:37 +02:00
47602dea04
Update staging doc: Let's Encrypt is no longer in beta. ( #259 )
2016-08-22 15:38:29 +02:00
3a66a7f8d2
Fix default license help text in example config ( #254 )
2016-08-06 15:32:53 +02:00
ca0249c46c
Update staging.md
2016-08-03 23:47:57 +02:00
afabfff06e
updated url to letsencrypt license agreement
2016-08-01 20:35:46 +02:00
194464b04b
Default WELLKNOWN location is now /var/www/letsencrypt
...
With this change private and public files are now separated by default.
2016-07-20 17:04:25 +02:00
364bcccf74
Added option to select IP version of name to address resolution ( #231 )
2016-07-20 16:49:04 +02:00
2042b177c7
modified lighttpd example config
2016-06-10 23:41:59 +02:00
ae98ff6767
Add Lighttpd example to wellknown.md ( #224 )
2016-06-08 01:49:50 +02:00
194d543fa1
removed ACCOUNT_KEY and ACCOUNT_KEY_JSON from example config
2016-06-04 11:12:30 +02:00
034ec30c7d
added multi-account support ( fixes #92 , #163 )
2016-06-04 04:01:24 +02:00
ec48906992
initial support for configuration on per-certificate base ( #105 )
2016-05-26 17:11:42 +02:00
8e77ba5e02
added option to set csr-flag indicating ocsp stapling to be mandatory
2016-05-26 15:02:23 +02:00
785ffa5539
Make certificate output location configurable ( #210 )
2016-05-26 14:53:01 +02:00
d5b285868e
renamed "config.sh" to "config"
2016-05-22 22:34:28 +02:00
722430039b
Remove unneded shebang for config.sh.example
2016-05-22 22:25:14 +02:00
a3e5ed361b
Make location of domains.txt configurable ( #204 )
...
This is implemented by defining ${DOMAINS_TXT} in config.sh. If not
set in config.sh, it defaults to the previously (hard-coded) location,
which is ${BASEDIR}/domains.txt.
2016-05-22 18:49:17 +02:00
969bebef95
updated docs/wellknown.md
2016-05-16 12:22:42 +02:00
f0a92dfa59
Update wellknown.md
...
apache config that would work for 1.3, 2.0, 2.2 and 2.4
2016-05-14 20:19:19 +03:00
e608dc2ba8
Renew private key by default, but keep option to disable this feature
2016-05-10 22:14:23 +02:00
af2bc7a94f
Revert "Removed option to reuse old private keys." (useful for HKPK, see #195 )
...
This reverts commit 4dc9953319
2016-05-10 22:11:57 +02:00
4dc9953319
Removed option to reuse old private keys.
...
I have no idea why I thought reusing the keys would be a good idea
when I first started this...
2016-05-08 15:57:15 +02:00
c9c430b887
Update wellknown.md
2016-04-26 15:18:45 -04:00
bfbfb7913c
wellknown.md: Clarify WELLKNOWN variable
2016-04-26 14:07:54 -04:00
adef40762c
updated config example: PRIVATE_KEY is now ACCOUNT_KEY
2016-04-24 19:56:31 +02:00
b0e2ecde5f
added timestamp parameter to deploy_cert function of example hook script (related to #156 )
2016-04-15 01:34:23 +02:00
7d0ef22239
added documentation for HOOK_CHAIN config parameter
2016-04-09 00:06:22 +02:00
dca25e8e45
fixed nginx example ( fixes #173 )
2016-03-28 23:08:15 +02:00
cf80ccc5ef
Update troubleshooting.md
2016-03-27 20:34:01 +02:00
7838191ddf
added another api limit message to troubleshooting.md
2016-03-26 01:54:29 +01:00
Lukas Schauer