Mariano Cano
50717b3ffa
Update assert package.
2020-01-03 13:27:45 -08:00
Mariano Cano
e67ccd9e3d
Add fault tolerance against clock skew accross system on TLS certificates.
2020-01-02 17:48:28 -08:00
max furman
967e86a48b
Simplify trimming *. prefix of domain in acme dns validation.
2019-12-20 13:32:44 -08:00
Max
37d33968f1
Merge pull request #146 from anxolerd/normalize-wildcard
...
Perform domain normalization for wildcard domains
2019-12-20 13:29:24 -08:00
Oleksandr Kovalchuk
ec8ff0bced
Add testcase which ensures we pass correct domain to lookupTxt
...
Make sure we do not pass domains with asterisk (wildcard) in the middle,
like _acme-challenge.*.example.com to lookupTxt function, but preprocess
domain and remove leading wildcard so we lookup for
_acme-challenge.example.com.
2019-12-20 22:54:41 +02:00
Oleksandr Kovalchuk
46832bb9b3
Remove superflurous Printf statement
...
The statement was used for debug purposes and should not be included in
the final build
2019-12-20 22:22:12 +02:00
Oleksandr Kovalchuk
a995cca418
Perform domain normalization for wildcard domains
...
Perform domain normalization for wildcard domains, so we do query
TXT records for _acme-challenge.example.domain instead of
_acme-challenge.*.example.domain when performing DNS-01 challenge. In
this way the behavior is consistent with letsencrypt and records queried
are in sync with the ones that are shown in certbot manual mode.
2019-12-20 19:17:53 +02:00
Mariano Cano
1fa35491ea
Update cli dependency.
2019-12-18 14:44:59 -08:00
Mariano Cano
eeabf5ba4c
Fix tests.
2019-12-18 14:44:08 -08:00
Mariano Cano
a6deea7d8d
Renew identity certificate in /ssh/rekey and /ssh/renew
2019-12-18 14:43:38 -08:00
Mariano Cano
0b5d37b284
Add method to just write the identity certificate.
2019-12-18 14:39:01 -08:00
Mariano Cano
839fe6b952
Add method to renew the identity.
2019-12-18 12:46:46 -08:00
max furman
aa58940582
Should be returning nil from applyIdentity if cert expired.
2019-12-17 15:53:37 -08:00
max furman
6200aeaad0
cli dep update
2019-12-17 14:39:08 -08:00
Max
bd6eca6342
Merge pull request #145 from smallstep/err
2019-12-17 14:33:48 -08:00
max furman
e5a8629a21
updating dependencies
2019-12-17 14:31:22 -08:00
max furman
cb78a087d5
Update cli dep
2019-12-17 14:30:18 -08:00
max furman
f9ef5070f9
Move api errors to their own package and modify the typedef
2019-12-17 14:26:02 -08:00
Mariano Cano
6d6f496331
Allow no provisioners.
2019-12-16 11:22:24 -08:00
Mariano Cano
ba11f6acb7
Update dependencies.
2019-12-13 13:59:11 -08:00
Mariano Cano
d210082113
Use new version of nosql.
2019-12-13 13:56:56 -08:00
Mariano Cano
7ecb831e07
Add wrappers to identity methods in the ca package.
2019-12-12 13:16:17 -08:00
Mariano Cano
3f71b8debd
Add mTLS test for identity client.
2019-12-12 12:48:34 -08:00
Mariano Cano
3717c7a8d3
Improve identity tests.
2019-12-12 12:23:53 -08:00
Mariano Cano
0d9a9e083e
Add identity client and move identity to a new package.
2019-12-11 20:23:44 -08:00
Mariano Cano
89b216c21e
Fix test.
2019-12-11 18:24:32 -08:00
Mariano Cano
96b6989658
Addapt test to api change.
2019-12-11 18:21:20 -08:00
Mariano Cano
bde29b1bbd
Addapt tests to the api change.
2019-12-11 18:18:13 -08:00
Mariano Cano
28b08ef46b
Fail silently if the identity fails.
2019-12-11 16:27:37 -08:00
Mariano Cano
401fc20e96
Re-enable profiler.
2019-12-11 16:27:37 -08:00
max furman
623be4ef09
update cli dep
2019-12-11 14:56:50 -08:00
Max
1f42637ba1
Merge pull request #143 from smallstep/expired-cert
...
Expired cert
2019-12-11 14:55:21 -08:00
max furman
1e17ec7d33
Use x5cInsecure token for /ssh/check-host endpoint
2019-12-11 14:54:29 -08:00
Mariano Cano
7fe1eb8686
Add GetTransport to client.
2019-12-10 16:34:24 -08:00
Mariano Cano
e841a86b48
Make sure to define the KeyID from the token if available.
2019-12-10 16:34:01 -08:00
Mariano Cano
014d2c7ccd
Go mod tidy.
2019-12-10 13:41:06 -08:00
Mariano Cano
40ec0b435a
Add method to create an ssh token.
2019-12-10 13:40:14 -08:00
Mariano Cano
8eeb82d0ce
Store renew certificate in the database.
2019-12-10 13:10:45 -08:00
Mariano Cano
50152391a3
Add leeway in identity not before.
2019-12-09 16:55:25 -08:00
max furman
2676d525c4
redundant variable type def
2019-12-09 12:54:32 -08:00
Mariano Cano
83129fd59f
Add quotes in configuration paths.
2019-12-04 12:04:46 -08:00
max furman
55237d635c
Fix authority calling wrong revoke method
2019-12-03 12:39:57 -05:00
Mariano Cano
b25cbbe6ca
Create a custom client that sends a custom User-Agent.
2019-11-27 17:30:06 -08:00
Mariano Cano
15a222d354
Add missing unit tests for ssh.
2019-11-27 14:48:34 -08:00
Mariano Cano
a049e1f7e7
Check at the cert type instead of at the body.
2019-11-27 14:48:14 -08:00
Mariano Cano
c5e34f777c
Replace /ssh/get-hosts to /ssh/hosts
2019-11-27 14:27:23 -08:00
Mariano Cano
967d113726
Add error marshaling tests.
2019-11-27 12:25:40 -08:00
Mariano Cano
1a94c0df94
Use default duration for host certificates identity files.
2019-11-26 19:09:01 -08:00
Mariano Cano
f99d1007bc
Update cli dependency.
2019-11-26 18:53:36 -08:00
Mariano Cano
b97aeedb78
Fix tests.
2019-11-26 18:53:36 -08:00