Commit graph

616 commits

Author SHA1 Message Date
Robert Kästel
5115a955b2 Add External Account Binding support. (#516)
* Second draft of External Account Binding support with xenolf's proposed
changes included.
* Require --eab if the ACME directory says it requires External Account
Binding.
* Inner EAB JWS should not contain any nonce. Ref: https://ietf-wg-acme.github.io/acme/draft-ietf-acme-acme.html#rfc.section.7.3.5
2018-05-30 02:05:57 +02:00
Wyatt Johnson
8a990209a9 Resolved build errors, small changes
- Switched out some value -> pointer returns
  for functions that returned an error
- Switched out previous failures map with an
  error
2018-05-26 13:16:20 -06:00
Matthew Holt
ef5b5bffb6 Merge branch 'master' into acmev2
# Conflicts:
#	providers/dns/azure/azure.go
2018-05-03 14:44:33 -06:00
Daniel Alan Miller
8e9c5ac3e6 Adding output of which envvars are missing in Cloudflare and Azure (#537)
* Adding output of which envvars are missing in Cloudflare dns provider

* go fmt, duh

* Fixing & adding test(s)

* Adding azure missing env vars checking

* Fixing test

* Doh, fixing up expected output
2018-04-25 09:12:41 -06:00
Matthew Holt
fad2257e11 Fix non-nil error value when there is no error 2018-04-19 18:02:18 -06:00
mikepulaski
823a03a417 ResolveAccountByKey no longer returns an EOF error on success. (#518)
* ResolveAccountByKey no longer returns an EOF error on success.

* Added test for ResolveAccountByKey.
2018-04-19 21:02:13 +02:00
xenolf
6e962fbfb3 Refactor error code in obtain functions to return a canonical error 2018-04-17 01:30:54 +02:00
xenolf
94083744ee Fix error return when Order could not be created 2018-04-17 01:13:09 +02:00
dajenet
5922ca9269 Fix dnsimple api (#529) 2018-04-15 07:49:13 -06:00
Johannes Ebke
b2c4f3c84e route53: Use NewSessionWithOptions instead of deprecated New. Fixes #458. (#528) 2018-04-12 07:08:23 -06:00
mikepulaski
5d4f14bc6a Fixed CN regression in ACMEv2. (#515) 2018-04-09 02:15:11 +02:00
Unknown
0b6d953434 Fix tests in ACMEv2 2018-04-09 01:56:45 +02:00
Aaryaman Vasishta
c62cb65ba5 providers/azure: Refactor to work with Azure SDK version 14.0.0 (#490) 2018-04-09 01:26:49 +02:00
Jefferson Girão
3c9be22bc0 Add Akamai FastDNS as DNS provider (#522)
* Adding support to Akamai FastDNS as DNS provider

* Adding fastdns to the list of dnsproviders
2018-04-03 08:22:13 -06:00
Kirby Files
5ebb80fb44 Add Bluecat DNS provider (#483) 2018-04-02 20:50:15 -06:00
Nick Maliwacki
d7fdc8f54a Add dns provider duckdns.org (#513)
* Add dns provider duckdns see http://www.duckdns.org/spec.jsp for more info

* Add DNS challenge provider 'exec' (#508)

As discussed in #505, this commit adds a very simple DNS provider which
calls out to an external program which must then add or remove the DNS
record.

* Update duckdns to support caddy, and cleanup some comments
2018-04-02 08:02:54 -06:00
Adrian Bjugård
1028c3b190 Add DNS-01 solver using the GleSYS API (#502)
* Add GleSYS DNS-01 solver

* API url is not overridden during tests

* Use logging package

* Correct documentation for NewDNSProvider
2018-03-31 08:33:48 -06:00
Alexander Neumann
2b18d40bab Add DNS challenge provider 'exec' (#508)
As discussed in #505, this commit adds a very simple DNS provider which
calls out to an external program which must then add or remove the DNS
record.
2018-03-27 08:10:38 -06:00
Remi Broemeling
2e0e9cd68f Slightly improve Dyn provider error reporting. (#473)
If Dyn responds with a 3xx or 4xx status code, information describing exactly
what went wrong is generally included in the body of the response (as part of
the typical Dyn JSON response). On the other hand, if Dyn responds with a 5xx
status code, we very likely have extremely limited information.

This commit modifies the reporting to display the explanatory messages included
in the body of the Dyn response for 3xx and 4xx status codes. The intent is to
make it much easier to determine what might be going wrong (when something is
going wrong).
2018-03-19 10:41:57 -06:00
xenolf
a149e7d650 Fix certificate load with wildcard name 2018-03-15 13:01:56 +01:00
xenolf
805eec9756 Add missing return on error when order creation fails 2018-03-14 19:20:23 +01:00
Pat Moroney
91b13b10b9 add Name.com provider (#480)
* add Name.com provider

* add namedotcom provider env vars to output of cli.go
2018-03-14 11:43:09 -06:00
xenolf
3d582c0169 Initial ACMEv2 support WIP 2018-03-14 02:04:09 +01:00
Derek Chen
bacb545c7a Add DNS provider: Lightsail (#460)
* add lightsail dns provider

* fix lint errors

* update exoscale.go

* add the docs for lightsail provider
2018-02-18 08:27:58 -07:00
Aaryaman Vasishta
4e330710a7 providers/azure: Refactor to work with Azure SDK version 14.0.0 (#490) 2018-02-14 13:28:02 -07:00
Giuem
06a8e7c475 Add DNS Provider for CloudXNS (#415)
* Add DNS Provider for CloudXNS

* Fix package path error

* Fix typo

CloudFlare -> CloudXNS

* Fix typo

makeReauest -> makeRequest

* Change http.Client to acme.HTTPClient
2018-02-02 20:41:35 +01:00
Ian Bishop
ed69aa0cc6 Fix PowerDNS zone URL, add leading slash (#476) 2018-02-02 20:32:18 +01:00
Zadkiel
e2b4c3a54f Add support for new Gandi Beta Platform: LiveDNS (#365)
* Add 'dns-01' in CLI usage's solver list

* Add Gandi Beta LiveDNS provider

* gandiv5: rename provider and enhance error messages

* gandiv5: clean old behavior comments

* gandiv5: clean old behavior comments
2018-02-02 20:22:33 +01:00
Philippe M. Chiasson
6bddbfd17a Use proxies from environment when making outbound http connections (#478)
Fixes #477
2018-01-25 09:10:08 -07:00
James Nugent
cc326ce155 cli: Correct help text for --dns-resolvers default (#462)
getNameservers in dns_challenge.go attempts to determine the system
resolvers from /etc/resolv.conf before using the Google DNS servers.
2018-01-15 22:11:42 +01:00
Daniel McCarney
a5a28d2e7f Add /directory to example NewClient caDirURL. (#471)
The `acme.NewClient` function's `caDirURL` argument is expected to be
the full path to the ACME server's directory endpoint. In the README
example of using Lego programmatically against a Boulder instance only
the hostname & port are provided but not the directory path:

   `"http://192.168.99.100:4000"`

This produces an error like:

```
2018/01/15 14:34:06 get directory at 'http://192.168.99.100:4000': invalid
character '<' looking for beginning of value
```

When used verbatim with a Boulder container since the `/directory` is
missing and "What is an ACME server" HTML index page is returned.

This commit updates the example to use:

 `"http://192.168.99.100:4000/directory"`

Which allows the example code to work with Boulder as-intended.
2018-01-15 22:05:27 +01:00
Yoan Blanc
62e0f1096f exoscale: update to latest egoscale version (#468)
Signed-off-by: Yoan Blanc <yoan.blanc@exoscale.ch>
2018-01-15 21:58:24 +01:00
Simon Menke
b929aa5aab Fix zone detection for cross-zone cnames (#449)
* Fix zone detection for cross-zone cnames

CNAMEs cannot co-exist with SOA records so responses with
a CNAME should be skipped.

The `cross-zone-example.assets.sh.` is currently hosted by
me (@fd) and will continue to exist for as long as the assets.sh
domain exists. (The assets.sh domain is used as a CDN and is unlikely
to go away.)

See #330

* Extracted CNAME checking to simplify the FindZoneByFqdn control flow.
2017-11-15 11:03:00 +01:00
Amrit Bera
922235d33e Added missing environment variable in the comments (#450) 2017-11-14 01:14:38 +01:00
Davor Kapsa
084a073f13 travis: update go versions (#448) 2017-11-14 00:59:57 +01:00
Simon Merschjohann
aa94fb4696 Support for DNS Provider: GoDaddy (#416)
* Support for DNS Provider: godaddy

* GoDaddy DNS provider PUTs list instead of PATCH
2017-10-25 21:55:29 +02:00
LeSuisse
a80b046ca8 Users of an effective top-level domain can use the DNS challenge (#436)
They will no longer get an error message saying
"Could not find the start of authority".

Finding the zone cut of a FQDN now only relies on the presence
of a SOA record. Indeed, in the context of an eTLD the
authority will be the eTLD itself so you need to continue
to recurse until you get an answer instead of cutting the search
when you find the public suffix of a domain.

Fixes #434
2017-10-25 21:47:54 +02:00
xenolf
2c41b2f40d Fix tested go versions in travis 2017-10-25 21:34:07 +02:00
Ian Bishop
b63985c974 renew/revoke - don't panic on wrong account (#446) 2017-10-25 21:31:30 +02:00
Oleg Stepura
5a2fd5039f Dockerfile broken with old alpine version with old go (#409)
* Dockerfile broken with old alpine version with old go

3.4 no longer works with error
```
package context: unrecognized import path "context" (import path does not begin with hostname)
```

3.5 with no changes did not work with error
```
# runtime/cgo
/tmp/go-build671992352/runtime/cgo/_obj/_cgo_export.c:2:20: fatal error: stdlib.h: No such file or directory
 #include <stdlib.h>
                    ^
compilation terminated.
```

3.6 with no changes did not work with error:
```
# github.com/xenolf/lego
/usr/lib/go/pkg/tool/linux_amd64/link: running gcc failed: exit status 1
/usr/lib/gcc/x86_64-alpine-linux-musl/6.3.0/../../../../x86_64-alpine-linux-musl/bin/ld: cannot find Scrt1.o: No such file or directory
/usr/lib/gcc/x86_64-alpine-linux-musl/6.3.0/../../../../x86_64-alpine-linux-musl/bin/ld: cannot find crti.o: No such file or directory
/usr/lib/gcc/x86_64-alpine-linux-musl/6.3.0/../../../../x86_64-alpine-linux-musl/bin/ld: cannot find -lpthread
/usr/lib/gcc/x86_64-alpine-linux-musl/6.3.0/../../../../x86_64-alpine-linux-musl/bin/ld: cannot find -lssp_nonshared
collect2: error: ld returned 1 exit status
```

* Fix git tag to freeze successfully built image.

Fix git tag to freeze successfully built image (prevents issues with newer versions in the future, plus uses stable release)

* Update Dockerfile according to PR comments

* Forgot /go in rm

* Bump lego version
2017-09-26 21:57:02 +02:00
Unknown
67c86d860a lego version 0.4.1 2017-09-26 16:13:47 +02:00
Unknown
3304583724 Improve --domains documentation
Closes #432
2017-09-25 22:29:52 +02:00
Andy Wiens
addee401b0 added authorization to dns zones client (#428) 2017-09-25 21:57:58 +02:00
Sean Brandt
49b9503635 handle move of egoscale to exoscale (#430) 2017-09-13 15:40:58 -06:00
Edward Betts
e370f2a4c5 correct spelling mistake (#424) 2017-09-01 11:46:15 -06:00
Shawn Smith
92ed209099 fix typo (#419) 2017-08-10 11:47:37 -06:00
Christian Groschupp
4dde48a9b9 Add DNS Provider for otc (#398)
* Add otc provider.

* Added tests for provider otc.

* Format dns_providers

* fix getZoneId

* Add for tests for provider otc.

* Add proxy to transport in otc provider.

* Use DefaultTransport in otc provider.

* Make loginRequest private in provider otc.

* better error handling in provider otc.

* add more tests for provider otc.
2017-07-20 00:54:35 +02:00
Unknown
68261a8b20 Add button to readme 2017-07-17 22:54:51 +02:00
jraby
a5eaf85c89 RFC2136_TIMEOUT: tuneable DNS propagation timeout (#386)
Useful for slower DNS environment.

Time string is parsed with time.ParseDuration, so units are mandatory
(e.g. RFC2136_TIMEOUT=10m)
2017-07-17 22:05:47 +02:00
Janez Troha
147b326cb0 acme/http: saner http client timeouts (#377)
LE is becoming quite popular and it was observed that response time can be around 15s. I've increased this to 30s and added changes recommended here https://blog.cloudflare.com/the-complete-guide-to-golang-net-http-timeouts/
2017-07-17 21:57:01 +02:00