Commit graph

11 commits

Author SHA1 Message Date
Mariano Cano
c7f226bcec
Add support for renew when using stepcas
It supports renewing X.509 certificates when an RA is configured with stepcas.
This will only work when the renewal uses a token, and it won't work with mTLS.

The audience cannot be properly verified when an RA is used, to avoid this we
will get from the database if an RA was used to issue the initial certificate
and we will accept the renew token.

Fixes #1021 for stepcas
2022-11-04 16:42:07 -07:00
Mariano Cano
3694ba30dc Store certificate and provisioner in one transaction. 2022-04-12 18:42:27 -07:00
Mariano Cano
7d6116c3d0 Add GetCertificateData and refactor x509_certs_data. 2022-04-05 19:24:53 -07:00
Mariano Cano
41c6ded85e Store in the db the provisioner that granted a cert. 2022-04-05 18:00:01 -07:00
max furman
933b40a02a Introduce gocritic linter and address warnings 2021-10-08 14:59:57 -04:00
max furman
e3826dd1c3 Add ACME CA capabilities 2019-09-13 15:48:33 -07:00
max furman
599fc1058c loadOrStore -> cmpAndSwap 2019-06-10 13:21:06 -07:00
max furman
b73fe8c157 Add used OTT to DB during authToken step 2019-05-06 15:52:02 -07:00
max furman
c242602231 reload and shutdown trickery
* Only shutdown the database once.
* Be careful when reloading the CA. Depending on whether the DB has
already been shutdown, and error may be unrecoverable.
2019-04-25 13:25:41 -07:00
max furman
cbeca9383b Update nosql integration
* shutdown and reload database on SIGHUP
2019-04-24 18:00:59 -07:00
max furman
ab4d569f36 Add /revoke API with interface db backend 2019-04-10 13:50:35 -07:00