xenolf
c2467d031f
Fix tests with new error
2015-12-11 17:16:24 +01:00
xenolf
f08c15df80
Use boulder error messages.
2015-12-11 17:16:24 +01:00
Jan Broer
666698cea3
Modular DNS challenge
...
- Manual provider
- Dynamic DNS Update provider (RFC2136)
- Route53 provider
- CloudFlare provider
2015-12-10 18:35:35 +01:00
Matthew Holt
c4add3c81e
Stub out simple CLI example
2015-12-07 19:33:46 -07:00
xenolf
1b07617a49
Merge pull request #45 from xenolf/ensure-non-zero-error-return
...
Make sure the CLI returns proper non-zero exit codes on errors.
2015-12-07 20:53:30 +01:00
xenolf
a23289899c
Fix typo
2015-12-07 16:58:01 +01:00
xenolf
2f16c0fa5c
Make sure the CLI returns proper non-zero exit codes on errors.
2015-12-07 16:52:59 +01:00
xenolf
54e96f6fc5
Document that ObtainSANCertificate will never return a partial certificate on error.
2015-12-07 16:51:28 +01:00
xenolf
0c0521f177
Merge pull request #43 from egorsmkv/master
...
Minor fixes
2015-12-07 15:53:53 +01:00
Egor Smolyakov
e8a631338c
Added bundle option
2015-12-07 13:21:54 +02:00
Egor Smolyakov
4676e45836
Fix bug
2015-12-07 13:18:58 +02:00
xenolf
3cf9fe610f
Merge pull request #42 from xenolf/add-renew-time
...
Add a way for cronjobs to automatically renew certificates.
2015-12-07 02:10:37 +01:00
xenolf
1573f13fac
Remove redundant semicolon.
2015-12-06 23:14:22 +01:00
xenolf
2a9875b220
Add a way for cronjobs to automatically renew certificates.
2015-12-06 22:35:52 +01:00
Tommie Gannert
e32b9abfb2
Remove ObtainCertificates and rename ObtainSANCertificate to ObtainCertificate.
...
Also removes revokation abilities from RenewCertificate.
Makes the API more orthogonal. These things are not provided by the
ACME protocol, but were convenience helpers.
2015-12-05 22:07:12 +00:00
Tommie Gannert
71624f607a
Replace exponential back-off in validate with Retry-After header.
...
Last paragraph of ACME spec, section 6.5:
To check on the status of an authorization, the client sends a GET
request to the authorization URI, and the server responds with the
current authorization object. In responding to poll requests while
the validation is still in progress, the server MUST return a 202
(Accepted) response with a Retry-After header field.
2015-12-05 21:32:53 +00:00
Tommie Gannert
b2c88d7a5d
Make solvers configurable.
...
Allows selecting which solvers are available, and specifying options for them.
2015-12-05 21:01:08 +00:00
Tommie Gannert
039b7c50dc
Use postJSON and getJSON wherever possible.
...
Encapsulates JSON marshalling.
2015-12-05 15:59:15 +00:00
Tommie Gannert
2dc2fdd1af
Split off tests for validate, simplifying HTTP-01 and TLS-SNI-01 tests.
2015-12-05 15:09:29 +00:00
Tommie Gannert
bee1326835
Use a local ServeMux in httpChallenge.Solve.
...
Avoids modifying global state.
2015-12-05 12:25:01 +00:00
Tommie Gannert
38cb60624f
Simplify tlsSNIChallenge code.
...
Solve is blocking, so no need to run initialization code in a separate
goroutine. Removes the need for s.start.
Once the listener is closed, all I/O resources have been returned. No
need to wait for http.Serve to return. Removes the need for s.end.
2015-12-05 12:24:49 +00:00
Tommie Gannert
5dc33c8c08
Simplify httpChallenge code.
...
Solve is blocking, so no need to run initialization code in a separate
goroutine. Removes the need for s.start.
Once the listener is closed, all I/O resources have been returned. No
need to wait for http.Serve to return. Removes the need for s.end.
2015-12-05 12:00:00 +00:00
Tommie Gannert
58a2fd2267
Split off validation function.
...
This is a loop that interacts with the ACME server, not the individual challenges.
Also switch to exponential back-off polling for good measure.
2015-12-05 11:52:24 +00:00
Tommie Gannert
237689b0cf
Run gofmt on acme/tls_sni_challenge.
2015-12-05 11:50:57 +00:00
xenolf
a528107826
Update README.md
2015-12-03 20:04:55 +01:00
xenolf
95a41a1441
Push CLI version
2015-12-03 19:41:04 +01:00
xenolf
8c8396a0a2
Update CLI to default to the live LE endpoint.
2015-12-03 19:37:54 +01:00
Matthew Holt
d9e2e2a873
Cleaned up a couple log lines
2015-12-02 12:33:37 -07:00
xenolf
24e8a55405
Merge pull request #33 from xenolf/add-tls-sni-challenge
...
Add TLS-SNI-01 Challenge
2015-11-22 19:34:22 +01:00
xenolf
32a29fd5ad
We have two solvers now
2015-11-22 19:33:26 +01:00
xenolf
775545e2bb
Add tests to TLS-SNI-01
2015-11-22 19:31:16 +01:00
xenolf
08f34f6071
Mark TLS-SNI implemented in README
2015-11-22 19:31:16 +01:00
xenolf
22622438fd
Implement TLS-SNI-01 to match Boulder. Not spec conform.
2015-11-22 19:31:16 +01:00
xenolf
e8d64bb50b
WIP TLS-SNI-01
...
[ci skip]
2015-11-22 19:31:16 +01:00
xenolf
6a803c6265
Merge pull request #35 from xenolf/caurl
...
Don't try appending /directory to caURL
2015-11-21 01:17:45 +01:00
Matthew Holt
974f2fa929
Don't try appending /directory to caURL (spec doesn't require it)
...
Also improved some comments/docs and fixed a test
2015-11-20 12:01:06 -07:00
xenolf
f2389fda58
Remove simpleHTTP - Update README
2015-11-18 22:17:02 +01:00
xenolf
08680d8fcf
Properly name challenge types for http-01 tests
2015-11-18 22:11:47 +01:00
xenolf
7662cbcec5
Merge pull request #30 from xenolf/add-san-cert
...
Add SAN certificates - fix #20
2015-11-18 22:07:54 +01:00
xenolf
f41ed4f9de
Remove unneeded function
2015-11-18 21:41:27 +01:00
xenolf
a8c2a12871
Move back to square/go-jose (reverted from commit cae6d59e19
)
2015-11-18 21:15:49 +01:00
xenolf
cae6d59e19
Move back to square/go-jose
2015-11-18 21:06:45 +01:00
xenolf
caba7ddee7
Add comment to ObtainSANCertificate
2015-11-18 19:53:42 +01:00
xenolf
3be490f6cb
Change how challenge order is preserved as suggested by @zakjan
2015-11-18 19:44:47 +01:00
xenolf
ca5c3a4315
Remove commented code
2015-11-17 23:31:37 +01:00
xenolf
b9ba9e58b3
Return the right error
2015-11-17 23:07:13 +01:00
xenolf
487c8763d5
Revert adding locks to jws - not in scope of this branch
2015-11-17 22:36:25 +01:00
xenolf
6671fd137c
Make sure the challenges do not get re-ordered for SAN certs
2015-11-17 22:22:25 +01:00
xenolf
c849ca1b90
If any challenge fails - return an error
2015-11-17 19:45:15 +01:00
xenolf
cce3d79fc9
Add DNS-01
2015-11-17 00:05:01 +01:00