Raal Goff
60671b07d7
Merge branch 'master' into crl-support
...
# Conflicts:
# api/api.go
# authority/config/config.go
# cas/softcas/softcas.go
# db/db.go
2 years ago
Mariano Cano
43ddcf2efe
Do not use deprecated AuthorizeSign
2 years ago
Mariano Cano
48e2fabeb8
Add authority.MustFromContext
2 years ago
Mariano Cano
817af3d696
Fix unit tests on the api package
2 years ago
Mariano Cano
a93653ea8e
Use api.Route instead of the caHandler.
2 years ago
Mariano Cano
a6b8e65d69
Retrieve the authority from the context in api methods.
2 years ago
Raal Goff
53dbe2309b
implemented some requested changes
3 years ago
Raal Goff
d417ce3232
implement changes from review
3 years ago
Raal Goff
7d024cc4cb
change GenerateCertificateRevocationList to return DER, store DER in db instead of PEM, nicer PEM encoding of CRL, add Mock stubs
3 years ago
Raal Goff
e8fdb703c9
initial support for CRL
3 years ago
Panagiotis Siatras
00634fb648
api/render, api/log: initial implementation of the packages ( #860 )
...
* api/render: initial implementation of the package
* acme/api: refactored to support api/render
* authority/admin: refactored to support api/render
* ca: refactored to support api/render
* api: refactored to support api/render
* api/render: implemented Error
* api: refactored to support api/render.Error
* acme/api: refactored to support api/render.Error
* authority/admin: refactored to support api/render.Error
* ca: refactored to support api/render.Error
* ca: fixed broken tests
* api/render, api/log: moved error logging to this package
* acme: refactored Error so that it implements render.RenderableError
* authority/admin: refactored Error so that it implements render.RenderableError
* api/render: implemented RenderableError
* api/render: added test coverage for Error
* api/render: implemented statusCodeFromError
* api: refactored RootsPEM to work with render.Error
* acme, authority/admin: fixed pointer receiver name for consistency
* api/render, errs: moved StatusCoder & StackTracer to the render package
3 years ago
Andrew Reed
d5d70baba7
Add /roots.pem handler ( #866 )
...
* Add /roots.pem handler
* Review changes
* Remove no peer cert test case
3 years ago
Panagiotis Siatras
29092b9d8a
api: refactored to use the read package
3 years ago
Mariano Cano
f8df6a1acc
Change variable name for consistency
3 years ago
Mariano Cano
616490a9c6
Refactor renew after expiry token authorization
...
This changes adds a new authority method that authorizes the
renew after expiry tokens.
3 years ago
Mariano Cano
afb5d36206
Allow to renew certificates using an x5c-like token.
3 years ago
Mariano Cano
b5db3f5706
Modify errs.ForbiddenErr to always return an error to the cli.
3 years ago
Mariano Cano
8c8db0d4b7
Modify errs.BadRequestErr() to always return an error to the client.
3 years ago
max furman
933b40a02a
Introduce gocritic linter and address warnings
3 years ago
Mariano Cano
4aa529605d
Merge pull request #641 from hillu/quote-serial
...
Log certificate's serial number as stringified decimal number
3 years ago
Herman Slatman
9210a6740b
Fix logging provisioner name as string
3 years ago
Hilko Bengen
edb01bc9f2
Log certificate's serial number as stringified decimal number
...
Using a JSON string fixes a common issue with JSON parsers that
deserialize all numbers to a 64-bit IEEE-754 floats. (Certificate
serial numbers are usually 128 bit values.)
This change is consistent with existing log entries for revocation
requests.
See also: #630 , #631
3 years ago
max furman
77fdfc9fa3
Merge branch 'master' into max/cert-mgr-crud
3 years ago
max furman
9fdef64709
Admin level API for provisioner mgmt v1
3 years ago
Mariano Cano
65dacc2795
Replace golint with revive
3 years ago
max furman
4f3e5ef64d
wip
3 years ago
max furman
7b5d6968a5
first commit
3 years ago
Mariano Cano
c1c986922b
Show Ed25519 in the public-key log field.
3 years ago
max furman
f88f58440f
add //nolint for new 1.16 deprecation warnings
...
- dsa
- pem.DecryptPEMBlock
4 years ago
Mariano Cano
c94a1c51be
Merge branch 'master' into ssh-cert-templates
4 years ago
Mariano Cano
aaaa7e9b4e
Merge branch 'master' into cert-templates
4 years ago
max furman
8e3481a8ef
[logger map] small optimization
...
Rather than doing two key writes and one lookup, just write once.
4 years ago
max furman
55bf5a4526
Add cert logging for acme/certificate api
4 years ago
Mariano Cano
4943ae58d8
Move TLSOption, TLSVersion, CipherSuites and ASN1DN to certificates.
4 years ago
Mariano Cano
6c64fb3ed2
Rename provisioner options structs:
...
* provisioner.ProvisionerOptions => provisioner.Options
* provisioner.Options => provisioner.SignOptions
* provisioner.SSHOptions => provisioner.SingSSHOptions
4 years ago
dharanikumar-s
dfda497929
Renamed RenewOrRekey to Rekey
4 years ago
dharanikumar-s
8f504483ce
Added RenewOrRekey function based on @maraino suggestion. RenewOrReky is called from Renew.
4 years ago
dharanikumar-s
3813f57b1a
Add support for rekeying Fixes #292
4 years ago
max furman
1cb8bb3ae1
Simplify statuscoder error generators.
5 years ago
max furman
dccbdf3a90
Introduce generalized statusCoder errors and loads of ssh unit tests.
...
* StatusCoder api errors that have friendly user messages.
* Unit tests for SSH sign/renew/rekey/revoke across all provisioners.
5 years ago
max furman
b9f6aacb0f
Move api errors to their own package and modify the typedef
5 years ago
Mariano Cano
5d7829b198
Replace /ssh/get-hosts to /ssh/hosts
5 years ago
Mariano Cano
c60641701b
Add version endpoint.
5 years ago
Mariano Cano
8bf3bf701e
Add support for /ssh/bastion method.
5 years ago
max furman
29853ae016
sshpop provisioner + ssh renew | revoke | rekey first pass
5 years ago
max furman
862d704f6b
get-hosts fixes
5 years ago
max furman
5616386eed
Add SSH getHosts api
5 years ago
Mariano Cano
37f17213bb
Add initial support for check-host endpoint.
5 years ago
Mariano Cano
d08db4df23
Rename SSH methods.
5 years ago
Mariano Cano
b5bc249e1c
Add support for multiple ssh roots.
...
Fixes #125
5 years ago