Commit graph

8 commits

Author SHA1 Message Date
David Cowden
d5f95dee57 Merge branch 'master' into dcow/challenge-retry 2020-05-18 04:06:30 -07:00
max furman
e1409349f3 Allow relative URL for all links in ACME api ...
* Pass the request context all the way down the ACME stack.
* Save baseURL in context and use when generating ACME urls.
2020-05-14 17:32:54 -07:00
David Cowden
8ae32f50f2 acme: Fix comment style to appease linter
The linter likes comments on public functions to start with their name,
for some reason...
2020-05-13 05:04:49 -07:00
David Cowden
9af4dd3692 acme: Retry challenge validation attempts
Section 8.2 of RFC 8555 explains how retries apply to the validation
process. However, much is left up to the implementer.

Add retries every 12 seconds for 2 minutes after a client requests a
validation. The challenge status remains "processing" indefinitely until
a distinct conclusion is reached. This allows a client to continually
re-request a validation by sending a post-get to the challenge resource
until the process fails or succeeds.

Challenges in the processing state include information about why a
validation did not complete in the error field. The server also includes
a Retry-After header to help clients and servers coordinate.

Retries are inherently stateful because they're part of the public API.
When running step-ca in a highly available setup with replicas, care
must be taken to maintain a persistent identifier for each instance
"slot". In kubernetes, this implies a *stateful set*.
2020-05-06 07:39:13 -07:00
Max
0a96062b76
Merge pull request #128 from jkralik/returnCertChain
Change api of functions Authority.Sign, Authority.Renew
2019-10-18 14:00:18 -07:00
max furman
7aec7c2612 Create ACME database tables when initializing ACME autority. 2019-10-14 14:51:03 -07:00
Jozef Kralik
bc6074f596 Change api of functions Authority.Sign, Authority.Renew
Returns certificate chain instead of 2 members.

Implements #126
2019-10-09 22:23:00 +02:00
max furman
e3826dd1c3 Add ACME CA capabilities 2019-09-13 15:48:33 -07:00