Herman Slatman
|
c7a9c13060
|
Add tests for extractOrLookupJWK middleware
|
2021-11-12 16:37:44 +01:00 |
|
Herman Slatman
|
3151255a25
|
Merge branch 'master' into hs/acme-revocation
|
2021-10-30 15:41:29 +02:00 |
|
max furman
|
933b40a02a
|
Introduce gocritic linter and address warnings
|
2021-10-08 14:59:57 -04:00 |
|
Mariano Cano
|
470b546d59
|
Merge pull request #557 from joejulian/http01-isv
use InsecureSkipVerify for validation
|
2021-08-26 18:06:57 -07:00 |
|
max furman
|
a3028bbc0e
|
Add test for updateAddOrderIDs
|
2021-08-18 23:44:57 -07:00 |
|
Mariano Cano
|
dc5205cc72
|
Extract the tls error code and fail accordingly.
|
2021-08-17 17:06:25 -07:00 |
|
Mariano Cano
|
ae58a0ee4e
|
Make tests compatible with Go 1.17.
With Go 1.17 tls.Dial will fail if the client and server configured
protocols do not overlap. See https://golang.org/doc/go1.17#ALPN
|
2021-08-17 16:31:53 -07:00 |
|
Herman Slatman
|
258efca0fa
|
Improve revocation authorization
|
2021-07-10 00:28:31 +02:00 |
|
Herman Slatman
|
97165f1844
|
Fix test mocking for CreateCertificate
|
2021-07-09 22:48:03 +02:00 |
|
Herman Slatman
|
2b15230aa4
|
Add Serial to Cert ID ACME table and lookup
|
2021-07-09 17:51:31 +02:00 |
|
Herman Slatman
|
8f7e700f09
|
Merge branch 'master' into hs/acme-revocation
|
2021-07-09 11:22:25 +02:00 |
|
max furman
|
857a50434c
|
Merge branch 'master' into max/cert-mgr-crud
|
2021-07-08 16:25:52 -07:00 |
|
max furman
|
9fdef64709
|
Admin level API for provisioner mgmt v1
|
2021-07-02 19:05:17 -07:00 |
|
Herman Slatman
|
16fe07d4dc
|
Fix mockSignAuth
|
2021-07-03 02:10:16 +02:00 |
|
Herman Slatman
|
0e56932e76
|
Add support for revocation using JWK
|
2021-07-03 01:57:27 +02:00 |
|
Herman Slatman
|
84e7d468f2
|
Improve handling of ACME revocation
|
2021-07-03 00:21:17 +02:00 |
|
Herman Slatman
|
d53bcaf830
|
Add base logic for ACME revoke-cert
|
2021-07-02 22:51:15 +02:00 |
|
Herman Slatman
|
8e4a4ecc1f
|
Refactor tests for sans
|
2021-06-26 00:48:40 +02:00 |
|
Herman Slatman
|
87b72afa25
|
Fix IP equality check and add more tests
|
2021-06-26 00:13:44 +02:00 |
|
Herman Slatman
|
a6d33b7d06
|
Add tests for sans()
|
2021-06-25 17:21:22 +02:00 |
|
Herman Slatman
|
64c15fde7e
|
Add tests for canonicalize function
|
2021-06-25 14:07:40 +02:00 |
|
Herman Slatman
|
c514a187b2
|
Fix Fail() -_-b
|
2021-06-18 17:37:56 +02:00 |
|
Herman Slatman
|
135e912ac8
|
Improve coverage for TLS-ALPN-01 challenge
|
2021-06-18 17:27:35 +02:00 |
|
Herman Slatman
|
218a2adb9f
|
Add tests for IP Order validations
|
2021-06-18 16:09:48 +02:00 |
|
Herman Slatman
|
523ae96749
|
Change identifier and challenge types to consts
|
2021-06-18 12:39:36 +02:00 |
|
Herman Slatman
|
84ea8bd67a
|
Fix PR comments
|
2021-06-18 12:03:46 +02:00 |
|
Herman Slatman
|
af4803b8b8
|
Fix tests
|
2021-06-04 11:14:59 +02:00 |
|
Herman Slatman
|
0c79914d0d
|
Improve check for single IP in TLS-ALPN-01 challenge
|
2021-06-04 00:18:26 +02:00 |
|
Herman Slatman
|
a6405e98a9
|
Remove fmt.
|
2021-06-04 00:06:15 +02:00 |
|
Herman Slatman
|
2f40011da8
|
Add support for TLS-ALPN-01 challenge
|
2021-06-04 00:01:43 +02:00 |
|
Herman Slatman
|
76dcf542d4
|
Fix mixed DNS and IP SANs in Order
|
2021-06-03 22:45:24 +02:00 |
|
Herman Slatman
|
af615db6b5
|
Support DNS and IPs as SANs in single Order
|
2021-06-03 22:03:21 +02:00 |
|
Herman Slatman
|
a0e92f8e99
|
Verify IP identifier contains valid IP
|
2021-06-03 22:02:13 +02:00 |
|
Herman Slatman
|
6486e6016b
|
Make logic for which challenge types to use clearer
|
2021-05-29 00:37:22 +02:00 |
|
Herman Slatman
|
3e36522329
|
Add preliminary support for TLS-ALPN-01 challenge for IP identifiers
|
2021-05-29 00:19:14 +02:00 |
|
Herman Slatman
|
6d9710c88d
|
Add initial support for ACME IP validation
|
2021-05-28 16:40:46 +02:00 |
|
max furman
|
7b5d6968a5
|
first commit
|
2021-05-19 15:20:16 -07:00 |
|
Joe Julian
|
0369151bfa
|
use InsecureSkipVerify for validation
The server will not yet have a valid certificate so we need to disable
certificate validation in the HTTPGetter.
|
2021-04-27 08:18:35 -07:00 |
|
Mariano Cano
|
2e1524ec2f
|
Remove the creation on nonce on get acme directory.
According to RFC 8555, the replay nonces are only required in POST
requests. And of course in the new-nonce request.
|
2021-04-15 17:54:22 -07:00 |
|
max furman
|
93c3c2bf2e
|
Error handle non existent provisioner downstream and disable debug route logging
|
2021-04-14 15:35:43 -07:00 |
|
max furman
|
497ec0c79b
|
Fix linter issues
|
2021-04-14 15:14:27 -07:00 |
|
max furman
|
b1888fd34d
|
Use different method for unescpaed paths for the router
|
2021-04-14 15:11:15 -07:00 |
|
max furman
|
6cfb9b790c
|
Remove check of deprecated value
- NegotiatedProtocolIsMutual is always true: Deprecated according to
golang docs
|
2021-04-13 14:53:05 -07:00 |
|
max furman
|
63ec2e35b0
|
Change Clock to empty struct in nosql/nosql | truncate > round
- saves space
-
|
2021-04-13 14:42:37 -07:00 |
|
max furman
|
672e3f976e
|
Few ACME fixes ...
- always URL escape linker output
- validateJWS should accept RSAPSS
- GetUpdateAccount -> GetOrUpdateAccount
|
2021-04-12 19:06:07 -07:00 |
|
max furman
|
2e0e62bc4c
|
add WriteError method for acme api
|
2021-03-29 23:16:39 -07:00 |
|
max furman
|
9aef84b9af
|
remove unused nonce.clone method
|
2021-03-29 23:02:41 -07:00 |
|
max furman
|
440678cb62
|
Add markInvalid arg to storeError for invalidating challenge
|
2021-03-29 22:58:26 -07:00 |
|
max furman
|
6b8585c702
|
PR review fixes / updates
|
2021-03-29 12:04:14 -07:00 |
|
max furman
|
bdace1e53f
|
Add failure scenarios to db.CreateOrder unit tests
|
2021-03-25 19:40:18 -07:00 |
|