Ludovic Fernandez
88823a5c92
fix: use http.Header.Set method instead of Add. ( #1270 )
2020-10-17 14:51:55 +02:00
Fernandez Ludovic
ba6eb9729c
Detach v4.0.1
2020-09-03 16:02:51 +02:00
Fernandez Ludovic
99b2cd8181
Prepare release v4.0.1
2020-09-03 16:02:51 +02:00
Fernandez Ludovic
abdd2efc72
Detach v4.0.0
2020-09-02 20:38:01 +02:00
Fernandez Ludovic
c65edde245
Prepare release v4.0.0
2020-09-02 20:38:01 +02:00
Fernandez Ludovic
2582acc932
feat: changes module version.
2020-09-02 20:38:01 +02:00
Masayuki Matsuki
30e4987f99
Add preferred-chain option to support "alternate" certificate links ( #1227 )
...
Co-authored-by: Ludovic Fernandez <ldez@users.noreply.github.com>
2020-09-02 02:22:53 +02:00
Fernandez Ludovic
dd38dce6aa
Detach v3.9.0
2020-09-01 14:50:59 +02:00
Fernandez Ludovic
75c3a49634
Prepare release v3.9.0
2020-09-01 14:50:59 +02:00
Ludovic Fernandez
6b00497f34
chore: update linter. ( #1214 )
2020-07-10 01:48:18 +02:00
Fernandez Ludovic
168a727287
Detach v3.8.0
2020-07-02 12:20:54 +02:00
Fernandez Ludovic
bcb5be49c8
Prepare release v3.8.0
2020-07-02 12:20:54 +02:00
Jared Ledvina
3d63e3ec07
Ensure we return a location during account updates ( #1158 )
2020-05-26 20:04:54 +02:00
Fernandez Ludovic
2f1b384411
Detach v3.7.0
2020-05-11 14:40:45 +02:00
Fernandez Ludovic
e774e180a5
Prepare release v3.7.0
2020-05-11 14:40:45 +02:00
Ludovic Fernandez
6043c9347c
chore: update linter. ( #1145 )
2020-05-08 19:35:25 +02:00
Fernandez Ludovic
e10d6ac4b8
Detach v3.6.0
2020-04-24 11:13:43 +02:00
Fernandez Ludovic
71d61f880c
Prepare release v3.6.0
2020-04-24 11:13:43 +02:00
Ludovic Fernandez
f3e067df49
feat: use colon instead a arrow. ( #1090 )
2020-03-20 22:53:09 +01:00
Fernandez Ludovic
fa19378184
detach v3.5.0
2020-03-15 23:50:20 +01:00
Fernandez Ludovic
2a1cf86439
Prepare release v3.5.0
2020-03-15 23:50:20 +01:00
Ludovic Fernandez
2da1ce06ea
chore: wrap errors. ( #1070 )
2020-02-27 19:14:45 +01:00
Fernandez Ludovic
6c8f48dd85
detach v3.4.0
2020-02-25 22:26:55 +01:00
Fernandez Ludovic
bf1c12479e
Prepare release v3.4.0
2020-02-25 22:26:55 +01:00
Ludovic Fernandez
2e30fd0ba8
Minors changes ( #1059 )
2020-02-10 18:20:52 +01:00
Ludovic Fernandez
add2bea577
chore: update cenkalti/backoff to v4. ( #1043 )
2020-01-12 17:16:46 +01:00
Fernandez Ludovic
1bd4b7071b
detach v3.3.0
2020-01-09 01:07:04 +01:00
Fernandez Ludovic
63758264cb
Prepare release v3.3.0
2020-01-09 01:07:04 +01:00
Rémi Lapeyre
b1dba4f23d
Add support to update account ( #1002 )
2019-11-19 01:07:46 +01:00
Fernandez Ludovic
d2a125c759
detach v3.2.0
2019-11-09 22:19:00 +01:00
Fernandez Ludovic
11ee928ace
Prepare release v3.2.0
2019-11-09 22:19:00 +01:00
Ludovic Fernandez
fa5555d3f4
Update ACME RFC links from draft to RFC8555. ( #1004 )
2019-11-05 17:58:30 +01:00
Ludovic Fernandez
635b9ac93d
chore: update linter. ( #997 )
2019-10-25 01:27:40 +02:00
Fernandez Ludovic
1eda12ee10
detach v3.1.0
2019-10-09 03:24:09 +02:00
Fernandez Ludovic
776850ffc8
Prepare release v3.1.0
2019-10-09 03:24:09 +02:00
Fernandez Ludovic
e820634e0e
detahc v3.0.2
2019-08-15 15:33:32 +02:00
Fernandez Ludovic
fd11248e65
Prepare release v3.0.2
2019-08-15 15:33:12 +02:00
Fernandez Ludovic
bd238c80e8
detach v3.0.1
2019-08-14 22:33:08 +02:00
Fernandez Ludovic
ef7460d060
Prepare release v3.0.1
2019-08-14 22:33:08 +02:00
Fernandez Ludovic
bc4b57accc
detach v3.0.0
2019-08-07 14:07:47 +02:00
Fernandez Ludovic
e7a90b9471
chore: migrate to go module (v3.0.0)
...
- chore: update dependencies: use version with go modules.
- chore: remove dep.
- chore: update backoff imports.
- chore: init go module.
- chore: update CI.
- chore: mod v3
- chore: update docker image.
2019-08-07 14:07:47 +02:00
Fernandez Ludovic
99bf9f4e8f
detach v2.7.2
2019-07-31 17:22:08 +02:00
Fernandez Ludovic
295dd66f2a
Prepare release v2.7.2
2019-07-31 17:22:08 +02:00
Fernandez Ludovic
c220df0328
detach v2.7.1
2019-07-22 23:46:11 +02:00
Fernandez Ludovic
b6808bf0d9
Prepare release v2.7.1
2019-07-22 23:46:11 +02:00
Fernandez Ludovic
d594e35ca6
detach v2.7.0
2019-07-17 21:35:47 +02:00
Fernandez Ludovic
789f170ee6
Prepare release v2.7.0
2019-07-17 21:35:47 +02:00
Fernandez Ludovic
99741b0b92
detach v2.6.0
2019-05-27 19:36:40 +02:00
Fernandez Ludovic
01903cdfb9
Prepare release v2.6.0
2019-05-27 19:36:40 +02:00
Fernandez Ludovic
f0cfdff395
detach v2.5.0
2019-04-18 20:23:34 +02:00
Fernandez Ludovic
3d13faf689
Prepare release v2.5.0
2019-04-18 20:23:34 +02:00
Ludovic Fernandez
5d557fdc6d
Adds renew hook ( #845 )
...
* chore: update golangci-lint.
* feat: support renew-hook.
2019-04-02 18:38:23 +02:00
Fernandez Ludovic
55572c2606
detach v2.4.0
2019-03-26 20:29:23 +01:00
Fernandez Ludovic
aaecc1ca72
Prepare release v2.4.0
2019-03-26 20:29:23 +01:00
Ludovic Fernandez
3edb75872d
chore: migrate to new org. ( #824 )
2019-03-11 17:56:48 +01:00
Fernandez Ludovic
a483b4afaa
detach v2.3.0
2019-03-11 17:23:46 +01:00
Fernandez Ludovic
2952cdaebd
Prepate release v2.3.0
2019-03-11 17:23:46 +01:00
Ludovic Fernandez
219222fdda
Use canonical imports ( #822 )
...
* fix: challenge are not required for revoke.
2019-03-11 16:54:35 +01:00
Fernandez Ludovic
19303d3ac6
detach v2.2.0
2019-02-09 05:46:18 +01:00
Fernandez Ludovic
52e43eb318
Prepare release v2.2.0
2019-02-09 05:46:18 +01:00
Ludovic Fernandez
fe7a60ee0e
Uses a jittered exponential backoff ( #794 )
2019-02-09 05:40:45 +01:00
Ludovic Fernandez
6fdf45c474
chore: update golangci-lint. ( #782 )
2019-02-06 18:15:53 +01:00
Fernandez Ludovic
0574362e13
detach v2.1.0
2019-01-24 23:18:29 +01:00
Fernandez Ludovic
00ad82dec1
Prepare release v2.1.0
2019-01-24 23:18:29 +01:00
Ludovic Fernandez
ec6c22d70b
fix: OCSP, set HTTP client. ( #759 )
2019-01-12 00:17:29 +01:00
Ludovic Fernandez
38f335dbe1
chore: update golangci-lint. ( #757 )
2019-01-11 19:23:27 +01:00
Fernandez Ludovic
b91dbb6615
detach v2.0.1
2019-01-09 20:05:11 +01:00
Fernandez Ludovic
86c9de3db6
Prepare release v2.0.1
2019-01-09 20:05:11 +01:00
Fernandez Ludovic
eb2440e3ff
detach v2.0
2019-01-09 19:02:36 +01:00
Fernandez Ludovic
9b4afbb998
Prepare release v2.0
2019-01-09 19:02:36 +01:00
Ludovic Fernandez
b05b54d1f6
Release helper ( #728 )
2018-12-11 01:14:49 +01:00
Ludovic Fernandez
42941ccea6
Refactor the core of the lib ( #700 )
...
- Packages
- Isolate code used by the CLI into the package `cmd`
- (experimental) Add e2e tests for HTTP01, TLS-ALPN-01 and DNS-01, use [Pebble](https://github.com/letsencrypt/pebble ) and [challtestsrv](https://github.com/letsencrypt/boulder/tree/master/test/challtestsrv )
- Support non-ascii domain name (punnycode)
- Check all challenges in a predictable order
- No more global exported variables
- Archive revoked certificates
- Fixes revocation for subdomains and non-ascii domains
- Disable pending authorizations
- use pointer for RemoteError/ProblemDetails
- Poll authz URL instead of challenge URL
- The ability for a DNS provider to solve the challenge sequentially
- Check all nameservers in a predictable order
- Option to disable the complete propagation Requirement
- CLI, support for renew with CSR
- CLI, add SAN on renew
- Add command to list certificates.
- Logs every iteration of waiting for the propagation
- update DNSimple client
- update github.com/miekg/dns
2018-12-06 22:50:17 +01:00
Jacob Hoffman-Andrews
a5f0a3ff80
Add version to xenolf-acme in User-Agent. ( #719 )
...
Also, remove "Go-http-client/1.1". In practice this added detail doesn't
wind up being useful in diagnosing problems, particularly since it can
be deduced from the xenolf-acme version.
* add UA comments.
2018-11-15 23:02:34 +01:00
Ludovic Fernandez
4f36f4354b
Support POST-as-GET. ( #695 )
2018-11-04 01:51:53 +01:00
Daniel McCarney
2b0aa0aadf
TLS-ALPN-01: Update idPeAcmeIdentifierV1, draft refs. ( #690 )
...
The latest versions of draft-ietf-acme-tls-alpn specify a different
idPeAcmeIdentifierV1 than LEGO was previously using. The old value had
a conflict with an existing assignment.
This commit updates the idPeAcmeIdentifierV1 value to match draft-05 and
updates any references to the draft RFC to use the latest draft number.
2018-10-29 18:20:49 +01:00
Daniel McCarney
1164f441bd
Client: Do not send a JWS body when POSTing challenges. ( #689 )
...
* Client: Do not send a JWS body when POSTing challenges.
In legacy ACME there was a requirement to send a JWS body that contained
a key authorization as part of all challenge initiation POSTs. Since
both the client and server can reconstitute the key authorization there
is no need to send it and modern ACME expects challenges to be initiated
with a JWS carrying the trivial empty JSON object (`{}`). Some ACME
servers (e.g. Pebble in `-strict` mode) will reject all challenge POSTs
that have a legacy JWS body.
This commit updates the LEGO `acme/client.go`'s `validate` function to
send the correct JWS payload for challenge POSTs.
2018-10-29 17:35:49 +01:00
Ludovic Fernandez
4d21f8eec1
Add a test helper to manage env vars. ( #675 )
2018-10-16 17:52:57 +02:00
Ludovic Fernandez
122c354163
Homogenization of the DNS provider tests ( #671 )
...
* refactor: min TTL
* refactor: sandbox.
* refactor: tests homogenization.
* refactor: missing require.
2018-10-12 19:29:18 +02:00
Ludovic Fernandez
20d50a559f
route53: fix challenge. ( #665 )
2018-10-09 19:03:07 +02:00
Ludovic Fernandez
18fe57183d
cloudflare: use the official go client. ( #658 )
2018-10-03 00:02:01 +02:00
Ludovic Fernandez
c09b12be08
fix: ns1 wildcard. ( #657 )
2018-10-02 20:21:02 +00:00
Ludovic Fernandez
ad20bf90ff
Migrate to golangci-lint ( #644 )
...
* refactor: linting.
- errcheck
- govet
- golint
- goconst
- spellcheck
- ...
* refactor: migrate from gometalinter to golangci-lint.
2018-09-24 19:07:20 +00:00
Ludovic Fernandez
3a46680b73
Fix: gcloud wildcard ( #643 )
...
* fix: gcloud wildcard.
* refactor: minor changes.
2018-09-21 15:28:50 +00:00
Ludovic Fernandez
55361cea8c
Use Testify. ( #630 )
2018-09-15 19:16:35 +02:00
Ludovic Fernandez
bba134ce87
Allow to configure TTL, interval and timeout ( #634 )
...
* feat: add GetOrDefaultXXX methods.
* refactor: configuration (alidns).
* refactor: configuration (azure).
* refactor: configuration (auroradns).
* refactor: configuration (bluecat).
* refactor: configuration (cloudflare).
* refactor: configuration (digitalocean).
* refactor: configuration (dnsimple).
* refactor: configuration (dnmadeeasy).
* refactor: configuration (dnspod).
* refactor: configuration (duckdns).
* refactor: configuration (dyn).
* refactor: configuration (exoscale).
* refactor: configuration (fastdns).
* refactor: configuration (gandi).
* refactor: configuration (gandiv5).
* refactor: configuration (gcloud).
* refactor: configuration (glesys).
* refactor: configuration (godaddy).
* refactor: configuration (iij).
* refactor: configuration (lightsail).
* refactor: configuration (linode).
* refactor: configuration (namecheap).
* refactor: configuration (namedotcom).
* refactor: configuration (netcup).
* refactor: configuration (nifcloud).
* refactor: configuration (ns1).
* refactor: configuration (otc).
* refactor: configuration (ovh).
* refactor: configuration (pdns).
* refactor: configuration (rackspace).
* refactor: configuration (rfc2136).
* refactor: configuration (route53).
* refactor: configuration (sakuracloud).
* refactor: configuration (vegadns).
* refactor: configuration (vultr).
2018-09-15 19:07:24 +02:00
Sten Spans
cd5479a6b1
Panic on generating a certificate ( #627 )
2018-09-09 12:37:30 +02:00
Craig Peterson
de3accf531
Submit all dns records up front, then validate serially ( #607 )
2018-09-08 11:56:51 +02:00
Bill Shupp
e0d512138c
Fix missing issuer certificates from Let's Encrypt ( #587 )
2018-07-01 02:35:39 +02:00
Ludovic Fernandez
9bb5589e17
feat: CA Server Name. ( #590 )
2018-07-01 01:12:36 +02:00
Ludovic Fernandez
a2543a2fde
Don't trust identifiers order. ( #589 )
...
ACME draft Section 7.4 "Applying for Certificate Issuance"
https://tools.ietf.org/html/draft-ietf-acme-acme-12#section-7.4
says:
Clients SHOULD NOT make any assumptions about the sort order of
"identifiers" or "authorizations" elements in the returned order
object.
2018-07-01 01:06:46 +02:00
Ludovic Fernandez
94e14328ab
refactor: replace Dial by DialContext. ( #585 )
2018-07-01 00:55:57 +02:00
Robert Kästel
54422ab226
Order polling wait ( #581 )
2018-06-25 23:22:42 +02:00
Ludovic Fernandez
a1585a7b9a
Review DNS providers ( #580 )
...
* refactor: create log.Infof and log.Warnf
* refactor: review DNS providers.
- use one `http.Client` by provider instead of one client by request
- use the same receiver name `d` for all `DNSProvider`
- use `http.MethodXXX`
* refactor: logger init.
2018-06-21 19:06:16 +02:00
Ludovic Fernandez
57782ac3c1
tls-alpn: add a function to return PEM blocks. ( #579 )
...
* feature(tls-alpn): add function to return PEM blocks.
2018-06-18 15:44:18 +02:00
Wyatt Johnson
d457f70ae0
TLS-ALPN-01 Challenge ( #572 )
...
* feat: implemented TLS-ALPN-01 challenge
2018-06-14 01:20:56 +02:00
Daniel McCarney
8f9e90b2a0
ACME HTTP: Allow customizing HTTP client x509.CertPool ( #571 )
...
This commit updates `acme/http.go` to allow customizing the
`*x509.CertPool` used by the `HTTPClient` by specifying the filepath of
a custom CA certificate via the `CA_CERTIFICATE` environment variable.
This allows developers to easily trust a non-standard CA when
interacting with an ACME test server (e.g. Pebble):
```
CA_CERTIFICATE=~/go/src/github.com/letsencrypt/pebble/test/certs/pebble.minica.pem \
lego \
--server https://localhost:14000/dir \
--email foo@bar.com \
-d example.com \
run
```
2018-06-11 15:45:59 +02:00
Ludovic Fernandez
7fedfd1388
fix: user-agent string order. ( #566 )
2018-06-03 12:23:01 -06:00
nelsonkram
f17b1ce516
Added 'processing' status as valid challenge status ( #561 )
2018-05-31 17:22:37 +02:00
Ludovic Fernandez
1b12c25e43
Add linters ( #556 )
...
* feat: add linters.
* fix: lint.
2018-05-30 16:03:55 -06:00
Ludovic Fernandez
e7fd871a9c
ACME V2 support ( #555 )
2018-05-30 19:53:04 +02:00