Wesley Graham
66b2c4b1a4
Add automated challenge retries, RFC 8555
2020-04-30 04:44:08 -07:00
Wesley Graham
40d7c42e33
Implement acme RFC 8555, challenge retries
2020-04-30 04:44:08 -07:00
Ivan Bertona
cb46a8b741
Small test fixes.
2020-02-11 09:57:28 -05:00
Ivan Bertona
10bc548c6e
Remove leftover file.
2020-02-10 14:58:16 -05:00
Ivan Bertona
200cfd2433
Add test for missing TLS certificates in response.
2020-02-10 14:50:13 -05:00
Ivan Bertona
157686e338
Tiny finishes.
2020-02-07 19:57:29 -05:00
Ivan Bertona
6843408d42
Reject obsolete id-pe-acmeIdentifier.
2020-02-07 19:26:18 -05:00
Ivan Bertona
6b5a2b17b5
Add challenge unmarshal test cases.
2020-02-07 15:25:27 -05:00
Ivan Bertona
b8208ec401
Add test case for failed came-tls/1 protocol negotiation.
2020-02-07 15:14:08 -05:00
Ivan Bertona
4b473732d9
Add support for TLS-ALPN-01 challenge.
2020-02-07 14:37:13 -05:00
max furman
c255274572
Should be returning status code 400 for ACME Account Not Found.
...
Issue #173
2020-02-01 17:35:41 -08:00
Mariano Cano
0a890a5c16
Add the commonName as a DNSName to match RFC.
...
Normalize names and remove the use of reflection.
2020-01-28 15:34:01 -08:00
max furman
432ed0090f
Use _'s in table names.
2020-01-28 13:29:40 -08:00
max furman
967e86a48b
Simplify trimming *. prefix of domain in acme dns validation.
2019-12-20 13:32:44 -08:00
Oleksandr Kovalchuk
ec8ff0bced
Add testcase which ensures we pass correct domain to lookupTxt
...
Make sure we do not pass domains with asterisk (wildcard) in the middle,
like _acme-challenge.*.example.com to lookupTxt function, but preprocess
domain and remove leading wildcard so we lookup for
_acme-challenge.example.com.
2019-12-20 22:54:41 +02:00
Oleksandr Kovalchuk
46832bb9b3
Remove superflurous Printf statement
...
The statement was used for debug purposes and should not be included in
the final build
2019-12-20 22:22:12 +02:00
Oleksandr Kovalchuk
a995cca418
Perform domain normalization for wildcard domains
...
Perform domain normalization for wildcard domains, so we do query
TXT records for _acme-challenge.example.domain instead of
_acme-challenge.*.example.domain when performing DNS-01 challenge. In
this way the behavior is consistent with letsencrypt and records queried
are in sync with the ones that are shown in certbot manual mode.
2019-12-20 19:17:53 +02:00
Max
0a96062b76
Merge pull request #128 from jkralik/returnCertChain
...
Change api of functions Authority.Sign, Authority.Renew
2019-10-18 14:00:18 -07:00
max furman
d368791606
Add x5c provisioner capabilities
2019-10-14 14:51:37 -07:00
max furman
7aec7c2612
Create ACME database tables when initializing ACME autority.
2019-10-14 14:51:03 -07:00
Jozef Kralik
bc6074f596
Change api of functions Authority.Sign, Authority.Renew
...
Returns certificate chain instead of 2 members.
Implements #126
2019-10-09 22:23:00 +02:00
max furman
e92dfb2516
Fix authz shadow declarations
2019-09-30 11:49:15 -07:00
max furman
fe7973c060
wip
2019-09-19 13:17:45 -07:00
max furman
e3826dd1c3
Add ACME CA capabilities
2019-09-13 15:48:33 -07:00