mbiryukova/certificates

Author	SHA1	Message	Date
Herman Slatman	0524122191	Remove authorization flow for different Account private keys As discussed in https://github.com/smallstep/certificates/issues/767, we opted for not including this authorization flow to prevent users from getting OOMs. We can add the functionality back when the underlying data store can provide access to a long list of Authorizations more efficiently, for example when a callback is implemented.	2021-12-08 16:28:14 +01:00
Herman Slatman	004fc054d5	Fix PR comments	2021-12-03 15:06:28 +01:00
Herman Slatman	06bb97c91e	Add logic for Account authorizations and improve tests	2021-12-02 16:25:35 +01:00
Herman Slatman	bae1d256ee	Improve tests for JWK vs. KID revoke auth flow The logic for both test cases is fairly similar, but with some small differences. Made those clearer by means of some comments. Also added some comments to the middleware logic that decided whether to extract JWK or lookup by KID.	2021-12-02 10:59:56 +01:00
Herman Slatman	a7fbbc4748	Add tests for GetCertificateBySerial	2021-11-28 21:20:57 +01:00
Herman Slatman	4d01cf8135	Increase test code coverage	2021-11-28 20:30:36 +01:00
Herman Slatman	2d357da99b	Add tests for ACME revocation	2021-11-26 17:27:42 +01:00
Herman Slatman	ed295ca15d	Fix linting issue	2021-11-25 00:44:21 +01:00
Herman Slatman	2d50c96d99	Merge branch 'master' into hs/acme-revocation	2021-11-19 17:00:18 +01:00
Herman Slatman	e7a988b2cd	Pin golangci-lint to v1.43.0 and fix issues	2021-11-13 01:30:03 +01:00
Herman Slatman	29f9730485	Satisfy golangci-lint	2021-11-12 17:13:10 +01:00
Herman Slatman	c7a9c13060	Add tests for extractOrLookupJWK middleware	2021-11-12 16:37:44 +01:00
Herman Slatman	3151255a25	Merge branch 'master' into hs/acme-revocation	2021-10-30 15:41:29 +02:00
max furman	933b40a02a	Introduce gocritic linter and address warnings	2021-10-08 14:59:57 -04:00
Mariano Cano	470b546d59	Merge pull request #557 from joejulian/http01-isv use InsecureSkipVerify for validation	2021-08-26 18:06:57 -07:00
max furman	a3028bbc0e	Add test for updateAddOrderIDs	2021-08-18 23:44:57 -07:00
Mariano Cano	dc5205cc72	Extract the tls error code and fail accordingly.	2021-08-17 17:06:25 -07:00
Mariano Cano	ae58a0ee4e	Make tests compatible with Go 1.17. With Go 1.17 tls.Dial will fail if the client and server configured protocols do not overlap. See https://golang.org/doc/go1.17#ALPN	2021-08-17 16:31:53 -07:00
Herman Slatman	258efca0fa	Improve revocation authorization	2021-07-10 00:28:31 +02:00
Herman Slatman	97165f1844	Fix test mocking for CreateCertificate	2021-07-09 22:48:03 +02:00
Herman Slatman	2b15230aa4	Add Serial to Cert ID ACME table and lookup	2021-07-09 17:51:31 +02:00
Herman Slatman	8f7e700f09	Merge branch 'master' into hs/acme-revocation	2021-07-09 11:22:25 +02:00
max furman	857a50434c	Merge branch 'master' into max/cert-mgr-crud	2021-07-08 16:25:52 -07:00
max furman	9fdef64709	Admin level API for provisioner mgmt v1	2021-07-02 19:05:17 -07:00
Herman Slatman	16fe07d4dc	Fix mockSignAuth	2021-07-03 02:10:16 +02:00
Herman Slatman	0e56932e76	Add support for revocation using JWK	2021-07-03 01:57:27 +02:00
Herman Slatman	84e7d468f2	Improve handling of ACME revocation	2021-07-03 00:21:17 +02:00
Herman Slatman	d53bcaf830	Add base logic for ACME revoke-cert	2021-07-02 22:51:15 +02:00
Herman Slatman	8e4a4ecc1f	Refactor tests for sans	2021-06-26 00:48:40 +02:00
Herman Slatman	87b72afa25	Fix IP equality check and add more tests	2021-06-26 00:13:44 +02:00
Herman Slatman	a6d33b7d06	Add tests for sans()	2021-06-25 17:21:22 +02:00
Herman Slatman	64c15fde7e	Add tests for canonicalize function	2021-06-25 14:07:40 +02:00
Herman Slatman	c514a187b2	Fix Fail() -_-b	2021-06-18 17:37:56 +02:00
Herman Slatman	135e912ac8	Improve coverage for TLS-ALPN-01 challenge	2021-06-18 17:27:35 +02:00
Herman Slatman	218a2adb9f	Add tests for IP Order validations	2021-06-18 16:09:48 +02:00
Herman Slatman	523ae96749	Change identifier and challenge types to consts	2021-06-18 12:39:36 +02:00
Herman Slatman	84ea8bd67a	Fix PR comments	2021-06-18 12:03:46 +02:00
Herman Slatman	af4803b8b8	Fix tests	2021-06-04 11:14:59 +02:00
Herman Slatman	0c79914d0d	Improve check for single IP in TLS-ALPN-01 challenge	2021-06-04 00:18:26 +02:00
Herman Slatman	a6405e98a9	Remove fmt.	2021-06-04 00:06:15 +02:00
Herman Slatman	2f40011da8	Add support for TLS-ALPN-01 challenge	2021-06-04 00:01:43 +02:00
Herman Slatman	76dcf542d4	Fix mixed DNS and IP SANs in Order	2021-06-03 22:45:24 +02:00
Herman Slatman	af615db6b5	Support DNS and IPs as SANs in single Order	2021-06-03 22:03:21 +02:00
Herman Slatman	a0e92f8e99	Verify IP identifier contains valid IP	2021-06-03 22:02:13 +02:00
Herman Slatman	6486e6016b	Make logic for which challenge types to use clearer	2021-05-29 00:37:22 +02:00
Herman Slatman	3e36522329	Add preliminary support for TLS-ALPN-01 challenge for IP identifiers	2021-05-29 00:19:14 +02:00
Herman Slatman	6d9710c88d	Add initial support for ACME IP validation	2021-05-28 16:40:46 +02:00
max furman	7b5d6968a5	first commit	2021-05-19 15:20:16 -07:00
Joe Julian	0369151bfa	use InsecureSkipVerify for validation The server will not yet have a valid certificate so we need to disable certificate validation in the HTTPGetter.	2021-04-27 08:18:35 -07:00
Mariano Cano	2e1524ec2f	Remove the creation on nonce on get acme directory. According to RFC 8555, the replay nonces are only required in POST requests. And of course in the new-nonce request.	2021-04-15 17:54:22 -07:00

1 2 3 4

153 commits