starred/dehydrated
1
0
Fork 0
mirror of https://github.com/dehydrated-io/dehydrated.git synced 2026-01-11 22:30:44 +01:00
Code Issues 79 Packages Projects Releases 10 Wiki Activity

Commit Graph

  • 1dbbc64ce9 implement workaround for openssl regression (fixes #981) master Lukas Schauer 2025-10-24 09:14:05 +02:00
  • 12877bb238 throw error with information about OCSP deprecation if certificate doesn't indicate OCSP support Lukas Schauer 2025-07-05 11:12:31 +02:00
  • ad43e250b2 allow KEEP_GOING to also skip over ocsp stapling errors, update ocsp error message with a hint about deprecation on some CAs Lukas Schauer 2025-07-05 10:55:33 +02:00
  • 8e9e5ef9c7 also allow setting KEEP_GOING as a config option Lukas Schauer 2025-07-05 10:54:29 +02:00
  • a7deeaedbc set empty subject for ip-certificates Lukas Schauer 2025-07-05 10:28:09 +02:00
  • 3d95f18000 Don't allow CDN's to send cached responses Victor Coss 2025-05-31 20:45:56 -04:00
  • ce9eb300e2 implemented domain validation timeout Lukas Schauer 2025-06-17 19:51:21 +02:00
  • 9cfcd66f15 small addition to 0.7.2 changelog Lukas Schauer 2025-05-18 02:28:57 +02:00
  • 73bb54a4b2 updated changelog Lukas Schauer 2025-05-18 02:16:14 +02:00
  • 3a71a7ad94 only validate existance of wellknown directory or hook script when actually necessary (fixes #965) Lukas Schauer 2025-05-18 02:06:53 +02:00
  • 0290338853 post-v0.7.2-release Lukas Schauer 2025-05-18 01:36:11 +02:00
  • fcca67b53c release v0.7.2 v0.7.2 Lukas Schauer 2025-05-18 01:34:32 +02:00
  • cf9e6a33fd Allow for automatic deletion of old files Lukas Schauer 2025-05-02 14:44:47 +02:00
  • bec154f070 Added a configuration parameter to allow for timeouts during order processing (fixes #955) Lukas Schauer 2025-05-02 14:34:34 +02:00
  • 0141d86267 Update README (closes #964) Lukas Schauer 2025-05-02 14:38:35 +02:00
  • a86a176805 use temporary csr file instead of stdin (keeps compatibility to older openssl versions) Lukas Schauer 2025-04-23 11:24:42 +02:00
  • 200cd68e7e updated changelog Lukas Schauer 2025-04-14 19:49:31 +02:00
  • e973cb2d8a Disable warning when reading CSRs from stdin. Christian Kujau 2024-07-15 00:21:23 +02:00
  • 7c438c484f added google ca to example config and added documentation link to error message Lukas Schauer 2025-04-14 19:12:59 +02:00
  • a94f451014 Add support for Google Trust Services. Official Documentation: https://cloud.google.com/certificate-manager/docs/public-ca-tutorial The first registration requires obtaining EAB_KID and EAB_HMAC_KEY according to the document, and setting CONTACT_EMAIL, EAB_HMAC_KEY, EAB_KID in the configuration file. hshh 2024-08-13 01:21:57 +08:00
  • a615a55ad6 Update dehydrated repo urls in man page Bob Idle 2024-03-05 17:09:24 +01:00
  • f6d82e2715 fix small issue with certificate profile selection (use key instead of value) Lukas Schauer 2025-04-14 18:49:44 +02:00
  • 1a1cb94a61 added changelog + default config entries for certificate profile selection Lukas Schauer 2025-04-14 18:41:38 +02:00
  • 5ab8c3806d implemented certificate profile selection (draft-aaron-acme-profiles-00) Youfu Zhang 2025-01-13 21:04:55 +08:00
  • 4ea5081640 renew certificates with 32 days remaining (instead of 30) to avoid issues with monthly cronjobs (fixes #963) Lukas Schauer 2025-04-11 10:33:03 +02:00
  • 911a822c0c added option to pass environment variables over sudo sudo-env Lukas Schauer 2024-08-04 12:04:56 +02:00
  • 4fd777e87e Ignore output of 'openssl req -verify'. Wilfried Teiken 2023-12-03 15:07:01 -05:00
  • e3ef43c816 fix zsh compatibility (fixes #896) Lukas Schauer 2023-01-16 22:41:05 +01:00
  • 67b111a7b0 Replace all escaped slashes in json strings (closes #866) Alexander Sulfrian 2022-02-04 20:34:22 +01:00
  • fa68ad8b23 improve man page based on feedback from debian-l10n-english (fixes #873, closes #875) Daniel Molkentin 2022-05-12 11:41:13 +02:00
  • 5c4adf6baa added note about dehydrated irc channel Lukas Schauer 2022-10-31 15:46:28 +01:00
  • 35bfea55b6 increase dehydrated version for git master use Lukas Schauer 2022-10-31 15:46:07 +01:00
  • ea84199863 release 0.7.1 (it finally happened!) v0.7.1 Lukas Schauer 2022-10-31 15:12:38 +01:00
  • 6091ba4bc2 Add missing checks and fix hexdump output (closes #878) Krayon 2022-06-07 17:13:18 +10:00
  • 6fb8eba56a implemented workaround for retrying on badNonce errors testing Lukas Schauer 2022-09-07 15:09:57 +02:00
  • 19c7fbbf47 egrep is deprecated Simon Deziel 2022-03-23 13:31:31 -04:00
  • 7128e6b63c rfc8738: fix CN on certs with mixed ip+dns rfc8738 Lukas Schauer 2022-04-07 01:34:21 +02:00
  • 861f4c733d rfc8738: only replace ip with reverse dns thingy if tls-alpn-01 is used Lukas Schauer 2022-04-07 01:33:48 +02:00
  • ad3f08084c implemented rfc 8738 support Lukas Schauer 2022-04-06 22:23:43 +02:00
  • 784fb806c8 really reverted regression in somehow broken array expansion from e963438c.. Lukas Schauer 2021-11-02 09:05:19 +01:00
  • b2574b16d1 reverted regression in somehow broken array expansion from e963438c (fixes #850) Lukas Schauer 2021-11-02 09:00:54 +01:00
  • da641588ce removed old logo Lukas Schauer 2021-11-01 19:25:17 +01:00
  • 8e6ddf6286 readme and (temporary) logo update Lukas Schauer 2021-11-01 19:18:49 +01:00
  • 8e5977890a fix regression from e963438c (fixes #849) Lukas Schauer 2021-11-01 18:54:30 +01:00
  • 3bcf0c7f5a use noglob helpers for domains.txt.d parsing Lukas Schauer 2021-11-01 18:56:23 +01:00
  • b347bc9086 added some changes to changelog Lukas Schauer 2021-10-31 22:58:06 +01:00
  • 08477170e9 Exit with error if somebody is trying to use EC account keys with ACME v1 Lukas Schauer 2021-10-31 22:36:40 +01:00
  • f4cf92bae5 extend ec algorithms with secp521r1 (not yet supported by LetsEncrypt, but maybe by other CAs) Lukas Schauer 2021-10-31 22:31:09 +01:00
  • 93573cda3c experimental support for ec account keys (fixes #827) Lukas Schauer 2021-10-31 22:29:44 +01:00
  • 607a6088d3 Avoid writing ec-parameters to private-key file (fixes #830) Lukas Schauer 2021-10-31 20:20:40 +01:00
  • 880c99aa63 Better solution for issue #845 Lukas Schauer 2021-10-31 20:11:31 +01:00
  • 7ac25358ef Show error if chain is configured for a CA which doesn't offer alternate chains (fixes #845) Lukas Schauer 2021-10-31 20:06:09 +01:00
  • 5733863b93 added warning about possible behaviour-change with new domains.txt.d feature Lukas Schauer 2021-10-31 19:55:41 +01:00
  • f6a84a88fa Support reading domains from drop-in snippets in domains.txt.d Marc Schütz 2021-03-19 18:26:39 +01:00
  • e963438c5a make shellcheck happy again Lukas Schauer 2021-03-29 19:14:03 +02:00
  • 095165ee96 Only check existing certs when necessary Stefaan Ghysels 2019-08-26 10:28:01 +02:00
  • 199cd59774 Remove debug echo in command_cleanup() Simon Deziel 2021-06-08 11:13:04 -04:00
  • e17456778f Use consistent indent in hook.sh Elan Ruusamäe 2021-09-22 08:22:55 +03:00
  • 71f6bc617e Better handling around grep/awk Brian Bennett 2021-09-20 15:25:18 -07:00
  • 6ee4ae508e fix command_version on Darwin/macOS 11 Joao Morais 2021-10-17 09:26:46 -03:00
  • 91cccc0c23 ensure newline before new section in openssl.cnf 27o 2021-04-12 08:47:22 +02:00
  • ab016803dd expand documentation on using letsencrypt staging ca Lukas Schauer 2021-04-18 03:48:47 +02:00
  • 7d8573af12 Update staging.md to use ACMEv2 server (closes #812) Nick 2021-04-01 16:49:55 -04:00
  • fb06530097 command_sign_csr: redirect fds after init_system (fixes #816) Lukas Schauer 2021-04-16 14:32:05 +02:00
  • 5c1551e946 remove some dots :) Lukas Schauer 2021-03-29 20:20:52 +02:00
  • 20c27b291c Add more examples to show case how to create certs Marcus Rückert 2021-03-29 20:15:32 +02:00
  • 24f66a3473 generic support for weird curl versions with lower-case headers and no whitespace Lukas Schauer 2021-03-21 20:51:10 +01:00
  • 21bff55b7c Updating nonce handler for newer versions of F5 joele89 2021-02-22 19:53:55 +11:00
  • 374fce0249 document using -t tls-alpn-01 with lighttpd Glenn Strauss 2021-02-22 15:46:58 -05:00
  • 00941472b2 add -t tls-alpn-01 to command line help Glenn Strauss 2021-02-01 04:41:17 -05:00
  • 527933db24 Per-certificate config fixes Michel Lespinasse 2021-02-01 19:42:09 -08:00
  • 33a421f1e4 Support for LibreSSL version of openssl on macOS Nathan Felton 2021-01-05 14:34:16 -05:00
  • dd0bbd2405 update copyright year Lukas Schauer 2021-02-18 16:46:06 +01:00
  • 26660e11c7 Fixed small unassigned variable issue Lukas Schauer 2020-12-12 03:12:13 +01:00
  • 316054ad1c Do not revalidate authorizations on forced renewal Lukas Schauer 2020-12-12 03:01:47 +01:00
  • 29b67962ac fix CN extraction for older openssl versions Lukas Schauer 2020-12-11 18:02:51 +01:00
  • 3a7795589b bump changelog for new draft releases Lukas Schauer 2020-12-10 16:56:13 +01:00
  • 082da2527c preparing for release 0.7.0 v0.7.0 Lukas Schauer 2020-12-10 16:54:26 +01:00
  • e784ba3853 use normal error behaviour for failing http requests (fixes #782) Lukas Schauer 2020-12-10 16:32:02 +01:00
  • abd369d062 allow to set domains.txt as cli argument (fixes #678) Lukas Schauer 2020-12-10 16:07:28 +01:00
  • cb7fb82beb use secp384r1 as default (instead of rsa, fixes #651) Lukas Schauer 2020-12-10 16:01:54 +01:00
  • 174616becd use secp384r1 as default (instead of rsa, fixes #651) Lukas Schauer 2020-12-10 16:01:08 +01:00
  • 27fd41d75f adding new CLI Command (--cleanupdelete / -gcd) to cleanup+delete (instead of just moving to /archive) (closes #587) Raphael Hoegger 2018-08-15 11:48:20 +02:00
  • ea106ef72e allow setting OCSP_FETCH and OCSP_DAYS per certificate config (closes #602, thx @bjacke) Lukas Schauer 2020-12-10 14:28:30 +01:00
  • f2d6a6152e cleanup: also remove dangling symlinks Lukas Schauer 2020-12-10 14:15:07 +01:00
  • 129ec851ed cleanup: also do cleanup if symlink is broken (closes #667) Arnout Vandecappelle (Essensium/Mind) 2019-08-30 17:02:56 +02:00
  • 835963fa6e make alpn-validation certificates and keys group readable (closes #754, fixes #753) Georg Altmann 2020-08-15 14:53:04 +02:00
  • 829aaeff2d Fix OCSP_FETCH with libressl Daniel Molkentin 2020-12-01 19:51:06 +01:00
  • 481aba7d7b remove quotes from per-cert-config vars to allow for spaces (fixes #789, closes #791) Lukas Schauer 2020-12-09 20:41:17 +01:00
  • fbcaac89f9 changed method for parsing issuer cn, fixing compatibility with some openssl versions Lukas Schauer 2020-12-09 19:38:27 +01:00
  • 589e9f30b3 show available options if preferred chain is not found Lukas Schauer 2020-11-21 16:19:08 +01:00
  • f2103340f3 fix spaces in sudo arguments Lukas Schauer 2020-11-20 17:08:57 +01:00
  • c670c18299 added display-terms to changelog+readme Lukas Schauer 2020-11-13 20:49:18 +01:00
  • 7cc9e2d07f add --display-terms to display the URL for the current ToS Daniel Molkentin 2020-09-28 16:44:36 +02:00
  • 7dfde364a3 added support for requesting preferred-chain instead of default chain Lukas Schauer 2020-11-13 20:36:51 +01:00
  • 7d3288f428 one more \s -> [[:space:]] replacement Lukas Schauer 2020-09-30 11:35:06 +02:00
  • e69df6521b Replace \s with [[:space:]] for compatibility Jarkko Oranen 2020-09-07 20:47:30 +03:00
  • 8ddead4854 Complain about deactivated accounts Daniel Molkentin 2020-09-28 00:13:39 +02:00
  • 308b3ec750 implement account deactivation through --deactivate parameter Daniel Molkentin 2020-09-02 00:49:17 +02:00
  • 39e1068a87 Don't require sudo before we know we really need it Daniel Molkentin 2020-09-02 00:00:15 +02:00