Commit graph

76 commits

Author SHA1 Message Date
Ludovic Fernandez
43401f2475
New challenges management. (#741) 2019-01-03 16:59:53 +01:00
Fredrik Sandebert
8d8ec2c92c Removed an outdated instruction (#743)
The latest version of the policy doesn't need any manual adjusting; it's fine to use as-is.
2018-12-28 16:19:36 +01:00
Ludovic Fernandez
42941ccea6
Refactor the core of the lib (#700)
- Packages
- Isolate code used by the CLI into the package `cmd`
- (experimental) Add e2e tests for HTTP01, TLS-ALPN-01 and DNS-01, use [Pebble](https://github.com/letsencrypt/pebble) and [challtestsrv](https://github.com/letsencrypt/boulder/tree/master/test/challtestsrv) 
- Support non-ascii domain name (punnycode)
- Check all challenges in a predictable order
- No more global exported variables
- Archive revoked certificates
- Fixes revocation for subdomains and non-ascii domains
- Disable pending authorizations
- use pointer for RemoteError/ProblemDetails
- Poll authz URL instead of challenge URL
- The ability for a DNS provider to solve the challenge sequentially
- Check all nameservers in a predictable order
- Option to disable the complete propagation Requirement
- CLI, support for renew with CSR
- CLI, add SAN on renew
- Add command to list certificates.
- Logs every iteration of waiting for the propagation
- update DNSimple client
- update github.com/miekg/dns
2018-12-06 22:50:17 +01:00
Ludovic Fernandez
88f86af113
Prepare release v1.2.0 (#701) 2018-11-05 15:14:30 +01:00
Ludovic Fernandez
1d1b08ac15
enhance the WithLiveTestRequirements algorithm (#681)
* refactor: migrate test to envTest.

* refactor: enforce WithLiveTestRequirements logic.

* chore: remove gometalinter.

* fix: godoc.

* doc: add Docker badge.
2018-10-18 22:32:00 +02:00
Ludovic Fernandez
32058d57da
Prepare release v1.1.0 (#677) 2018-10-17 01:38:57 +02:00
Ethan Young
38ffd0577b Correct example of renew action with days flag (#646) 2018-09-24 12:05:55 +02:00
Daniel McCarney
8c82824a83 README: Change staging URL example for ACME v2. (#592) 2018-07-01 23:54:35 +02:00
Wyatt Johnson
d457f70ae0 TLS-ALPN-01 Challenge (#572)
* feat: implemented TLS-ALPN-01 challenge
2018-06-14 01:20:56 +02:00
xenolf
27e0f97c9d
Fix wrong repository URL (#563) 2018-05-31 19:39:33 +02:00
Wyatt Johnson
fefeb24353
Prepare release v1.0.0 (#559)
* Prepare release v1.0.0

* review: remove infrastructure items from CHANGELOG.md

* review: updated CHANGELOG.md message

* review: added ACME v1 reference in README.md

* review: README.md updates

* review: removed experimental note
2018-05-30 18:03:08 -06:00
Ludovic Fernandez
e7fd871a9c
ACME V2 support (#555) 2018-05-30 19:53:04 +02:00
Pall Valmundsson
1d9b0906b1 Update Dockerfile (#484)
This updates the Dockerfile to use multi-stage builds and enables a build argument to specify which version or SHA is built.
2018-05-30 14:01:23 +02:00
Daniel McCarney
a5a28d2e7f Add /directory to example NewClient caDirURL. (#471)
The `acme.NewClient` function's `caDirURL` argument is expected to be
the full path to the ACME server's directory endpoint. In the README
example of using Lego programmatically against a Boulder instance only
the hostname & port are provided but not the directory path:

   `"http://192.168.99.100:4000"`

This produces an error like:

```
2018/01/15 14:34:06 get directory at 'http://192.168.99.100:4000': invalid
character '<' looking for beginning of value
```

When used verbatim with a Boulder container since the `/directory` is
missing and "What is an ACME server" HTML index page is returned.

This commit updates the example to use:

 `"http://192.168.99.100:4000/directory"`

Which allows the example code to work with Boulder as-intended.
2018-01-15 22:05:27 +01:00
Unknown
67c86d860a lego version 0.4.1 2017-09-26 16:13:47 +02:00
Unknown
3304583724 Improve --domains documentation
Closes #432
2017-09-25 22:29:52 +02:00
Unknown
68261a8b20 Add button to readme 2017-07-17 22:54:51 +02:00
xenolf
192334c448 Lego version 0.4.0 2017-07-13 03:17:00 +02:00
Wilk
aaa8e70aec CLI example with --days (#388) 2017-05-05 16:12:59 +02:00
Emilien Devos
6cac0ea7d8 Add lego installation via package manager for ArchLinux (#344) 2017-02-19 05:51:39 +01:00
Jacob Hoffman-Andrews
ca19ea1c19 Fix example call to ObtainCertificate (#333)
The previous example left out the MustStaple argument.
2016-12-27 00:41:19 +01:00
xenolf
82ac43327b Update version to 0.3.1 in readme and cli. Fixes #285 2016-09-12 09:50:14 +02:00
Will Glynn
01e2a30802 Document --csr flag 2016-06-14 21:15:25 -07:00
Christian Koep
94509ee581 Add Dockerfile
This enables users to build, ship and run lego with Docker.
2016-04-07 22:15:55 +02:00
xenolf
fd99bdb74a Merge pull request #174 from janeczku/route53-aws-sdk
Switch route53 provider to the official AWS SDK
2016-03-28 18:26:56 +02:00
Jan Broer
9f1b9e39af Switch route53 provider to the official AWS SDK
Fully backwards compatible in terms of credential mechanisms
(environment variables, shared credentials file, EC2 metadata). If a
custom AWS IAM policy is in use it needs to be updated with permissions
for the route53:ListHostedZonesByName action.
2016-03-27 20:22:09 +02:00
Michael Cross
7f14e2a4aa Update README sudo section 2016-03-26 14:02:38 +00:00
xenolf
0a681c253d Merge pull request #172 from xi2/update-readme-example
Update README example section
2016-03-25 22:39:04 +01:00
Michael Cross
19911dc180 Update README example section 2016-03-24 22:35:45 +00:00
kballou
5474a0e80c Update README usage Section
The usage output seems to have drifted and was causes confusion when
attempting to use as a reference.
2016-03-24 12:55:15 -06:00
Matthew Holt
41cfcd79df Update README and version 2016-03-23 12:12:47 -06:00
Andrew E. Bruno
b90b31980a Add Dyn DNS provider
This commit adds support for Dyn, specifically Dyn Managed DNS. Makes
use of the Dyn REST API [1] and requires 3 environment variables for
credentails:

    DYN_CUSTOMER_NAME
    DYN_USER_NAME
    DYN_PASSWORD

The Dyn DNS API requires a session to be established first using the
credentials above, After creating a session an api token is used for
subsequent requests.

The unit test performs a "live test" and currently requires a valid Dyn
account and domain.

[1] https://help.dyn.com/rest/
2016-03-17 22:08:00 -04:00
Brett Vickers
55968bcd21 Add DNS challenge provider for namecheap. 2016-03-17 14:17:56 -07:00
Michael Cross
bcd4e51d65 Add Gandi DNS challenge provider 2016-03-16 18:32:56 +00:00
Adrien Carbonne
eb773f17d2 Merge remote-tracking branch 'refs/remotes/xenolf/master' 2016-03-14 11:20:15 +01:00
Adrien Carbonne
f9ae3791c5 Fixed typo in readme.md 2016-03-13 16:36:13 +01:00
Pauline Middelink
bc5c3b53e1 Merge remote-tracking branch 'upstream/master' into issue-140-multi-zone-certs
Conflicts solved:
	README.md
	cli.go
2016-02-28 15:42:09 +01:00
Pauline Middelink
e772779caf Fix for issue/140:
- Removal of RFC2136_ZONE from help text
 - Query nameserver directly to find zone we have to update
 - During insert, make sure the new record is the ONLY challence.
   (I had a few panics, hence 3 challences left. Not good.)
2016-02-28 01:08:59 +01:00
Pauline Middelink
6b0be6de61 Update help+README for missing RFC2136_TSIG_ALGORITHM environment setting. 2016-02-26 02:56:17 +01:00
Will Glynn
3bceed427a Make the --dns help message more explicit about disabling challenges 2016-02-13 18:42:47 -06:00
Will Glynn
030ba6877a Document that --dns=provider specifically selects the DNS challenge 2016-02-13 18:31:04 -06:00
Adrien Carbonne
fdf059fbbd Added a --webroot option for HTTP challenge
When using this option, the challenge will be written in a file in
".well-known/acme-challenge/" inside the given webroot folder.
This allows lego to work without binding any port at all.
2016-02-10 12:19:29 +01:00
Will Glynn
86ba08bb9e Mention the Let's Encrypt staging endpoint in the README 2016-02-08 15:27:06 -06:00
Will Glynn
fa8214b5b8 Reduce IAM policy to a more compact version
`Sid` is optional and can be omitted for brevity.

Both `route53:ListHostedZones` and `route53:GetChange` are allowed for
`*`, so they can be combined into a single statement.

Actions can be combined onto the same line, since it's equivalent JSON.
2016-02-06 19:06:21 -06:00
Jimmy Cuadra
e800e75b59 Add full CLI example and IAM policy for Route 53 to the README. [ci
skip]
2016-02-05 02:44:09 -08:00
xenolf
3fed18cce9 Corrected AWS_REGION env variable name 2016-01-31 00:10:46 +01:00
xenolf
316cb44f80 Update usage in README 2016-01-30 02:43:35 +01:00
Simone Carletti
76c2c641bb Mark DNS challenge as completed in the README
It looks like it was merged in 602aeba6c1
2016-01-25 22:12:41 +01:00
Thomas Sileo
1040a2f5df Fix the example in the README
The change fixes the example in the README.

`ObtainCertificate` returns a map of "failures" and not a standard error as second return value.
2016-01-24 12:47:13 +01:00
xenolf
9c099c8739 Update readme to reflect latest changes 2016-01-08 23:43:36 +01:00