Commit graph

101 commits

Author SHA1 Message Date
Unknown
0b6d953434 Fix tests in ACMEv2 2018-04-09 01:56:45 +02:00
xenolf
a149e7d650 Fix certificate load with wildcard name 2018-03-15 13:01:56 +01:00
xenolf
3d582c0169 Initial ACMEv2 support WIP 2018-03-14 02:04:09 +01:00
Ian Bishop
b63985c974 renew/revoke - don't panic on wrong account (#446) 2017-10-25 21:31:30 +02:00
Dan Lüdtke
dd74b99f8d RFC: providers/dns: add Service Account authorization option to gcloud (#408)
* providers/dns: add Service Account authorization option to gcloud

* providers/dns: use os.LookupEnv() for local ENV var
2017-07-17 21:40:57 +02:00
Joe Shaw
e9c3078492 add issuer certificate to CertificateResource (#325)
* add issuer certificate to CertificateResource

Also write it out to the file system when running "lego run"

Removed caching of the issuer certificate inside the acme client, since
it didn't appear to be used.

* only append issuerCert to issuedCert in case of success

Effectively a no-op since issuerCert will be nil on error, but it seems
more correct to only do it if fetching the issuer succeeds.
2016-12-14 00:22:48 +01:00
Thomas Recloux
0792ce9a9f Extract from CLI the name -> DNS provider mapping (#313)
* Extract from CLI the name -> DNS provider mapping

This avoids duplication in lib usage 
Ex : https://github.com/containous/traefik/pull/738#issuecomment-258810469

* Verify that we retrieve the good provider
2016-11-18 14:12:13 +01:00
decker
9f86882f77 Add dns provider for dnspod (#312) 2016-11-14 11:41:37 +01:00
Thomas Recloux
7615653a08 Add Exoscale DNS provider (#311) 2016-11-07 08:37:57 +01:00
Luke Hanley
800538520e Adds support for Rackspace DNS (#309)
* Working Rackspace Provider

* Finalize Rackspace DNS provider

Closes out #208. Adds mock API and testing.
2016-11-04 10:29:14 +01:00
Matthew Buckett
85200a157c Azure DNS Provider (#307)
This is a first attempt at a working Azure DNS challenge provider.

Fixes #180
2016-11-02 15:33:57 +01:00
xenolf
72914df00f Add OCSP must staple support
Introduces a new command line switch `--must-staple` to `run` and `renew`.
Using this switch will add the must staple TLS extension to the CSR generated by lego and thus also to the generated certificate.
This does not work with user specified CSRs!

Fixes #270
2016-10-27 11:22:10 +02:00
Clint Armstrong
4bb8bea031 add memcached provider (#296)
* add memcached provider

* add testing
2016-10-24 11:03:18 +02:00
xenolf
bb51288200 Merge pull request #299 from edeckers/add-auroradns
Add AuroraDNS support
2016-10-18 10:26:37 +02:00
David Calavera
5f9a041680 Add NS1 DNS provider. (#295)
* Add NS1 DNS provider.

Integrates Lego with NS1 using their rest API.
It uses NS1's official Go package as client:

https://github.com/ns1/ns1-go

Signed-off-by: David Calavera <david.calavera@gmail.com>

* Add NS1 to the cli handlers.

Signed-off-by: David Calavera <david.calavera@gmail.com>
2016-10-18 10:20:15 +02:00
Ely Deckers
9058a3fa02 Add AuroraDNS-provider 2016-10-16 16:05:54 +02:00
Ryan Rogers
5656b9df20 Add support for Linode as a DNS provider. 2016-08-29 12:37:19 -07:00
xenolf
160cb3b6e8 Merge pull request #272 from porjo/master
Add PowerDNS provider
2016-08-24 00:45:37 +02:00
Ian Bishop
9d954fcc41 Allow custom DNS resolvers 2016-08-23 08:22:17 +10:00
Ian Bishop
63a05d58a6 Add PowerDNS provider 2016-08-19 18:32:27 +10:00
xenolf
b12ce5e731 Merge pull request #245 from bsiegert/master
codegangsta is now called urfave.
2016-07-21 03:40:32 +02:00
xenolf
082ff6d029 Removed HTTPTimeout and exported a new HTTPClient variable as a replacement.
The HTTPTimeout was not honored by the default client. Clients should now construct their own HTTPClient for overriding the timeout.
Fixes #246
2016-07-21 03:24:11 +02:00
Benny Siegert
524e35dba6 codegangsta is now called urfave.
Update import paths for cli package.
2016-07-13 21:03:47 +02:00
xenolf
58ead76066 Merge pull request #238 from moomerman/dnsmadeeasy
Add DNSProvider for DNSMadeEasy (http://dnsmadeeasy.com/)
2016-07-10 04:39:59 +02:00
xenolf
b7b05e88db Merge pull request #233 from disaster37/master
Add OVH DNS provider
2016-07-04 15:00:59 +02:00
Richard Taylor
108eaea79b Add DNSProvider for DNSMadeEasy (http://dnsmadeeasy.com/) 2016-06-28 22:48:06 +01:00
disaster
cc40650b80 lauch go fmt to format the change 2016-06-24 18:23:28 +00:00
Joshua Boelter
941e753c80 Add optional support for .pem output (.crt + .key) 2016-06-18 22:55:15 -07:00
disaster
4f6c1d470f Add OVH DNS provider 2016-06-16 21:11:19 +02:00
Chris Marchesi
575370e196 cert: Extend acme.CertificateResource, support CSRs on renew
client.RenewCertificate now supports CSRs, and in fact prefers them,
when renewing certificates. In other words, if the certificate was
created via a CSR then using that will be attempted before re-generating
off a new private key.

Also adjusted the API of ObtainCertificateForCSR to be a little
more in line with the original ObtainCertificate function.
2016-06-14 21:15:25 -07:00
Will Glynn
333af54906 Add --csr option to generate a certificate for an existing CSR 2016-06-14 21:15:25 -07:00
zealic
88932f9167 Add dns-timeout support. 2016-05-25 11:22:09 +08:00
xenolf
b119bc45fb Add "http-timeout" CLI flag.
This allows for an override of the default HTTP timeout for library HTTP requests.
Fixes #207.
2016-05-19 18:52:58 +02:00
xenolf
b5d5eee2dd Update usage of codegangster/cli to remove deprecation warning.
Fixes #206.
2016-05-12 19:52:59 +02:00
Rui Lopes
4d7223057d Add DNS challenge provider for Vultr. 2016-03-23 20:35:23 +00:00
Brett Vickers
47219adc00 Make DNS provider credential-handling more consistent.
Different DNS providers were handling credentials in different ways.
Some were reading credential environment variables in cli_handlers.go
and then passing them into the NewDNSProvider function, while others
were reading the environment variables within their NewDNSProvider
functions.

This change replaces each DNS challenge's NewDNSProvider function with
two new functions: (1) a NewDNSProvider function that takes no
parameters and uses the environment to read credentials, and (2) a
NewDNSProviderCredentials that takes credentials as parameters.
2016-03-20 11:40:30 -07:00
xenolf
bc8cfbe0d6 Merge pull request #162 from xi2/googlecloud
googlecloud dns: Make package name match import path
2016-03-19 22:18:49 +01:00
xenolf
c1b0d4387d Merge pull request #105 from aebruno/dns-dyn
Add Dyn DNS provider
2016-03-19 22:18:25 +01:00
Michael Cross
516d2a65e1 googlecloud dns: Make package name match import path
Also, add package description
2016-03-19 18:20:01 +00:00
Peter Waldschmidt
4da4506839 Add DNS challenge provider for Google Cloud DNS
Use GCE_PROJECT to designate your GCE project.

Authentication is automatically picked up from gcloud credentials if
running locally and from GCE metadata if run within Google Cloud.

Requires at least permission scope
"https://www.googleapis.com/auth/ndev.clouddns.readwrite"
2016-03-18 11:22:33 -04:00
Andrew E. Bruno
1de97a90da Move dyn provider out of acme package per #144 2016-03-17 22:30:21 -04:00
Andrew E. Bruno
b90b31980a Add Dyn DNS provider
This commit adds support for Dyn, specifically Dyn Managed DNS. Makes
use of the Dyn REST API [1] and requires 3 environment variables for
credentails:

    DYN_CUSTOMER_NAME
    DYN_USER_NAME
    DYN_PASSWORD

The Dyn DNS API requires a session to be established first using the
credentials above, After creating a session an api token is used for
subsequent requests.

The unit test performs a "live test" and currently requires a valid Dyn
account and domain.

[1] https://help.dyn.com/rest/
2016-03-17 22:08:00 -04:00
Brett Vickers
55968bcd21 Add DNS challenge provider for namecheap. 2016-03-17 14:17:56 -07:00
Michael Cross
bcd4e51d65 Add Gandi DNS challenge provider 2016-03-16 18:32:56 +00:00
xenolf
118d9d5ec9 Adjust naming of webroot provider to be in line with DNS providers. 2016-03-16 11:32:09 +01:00
Adrien Carbonne
0886c37703 Excluding DNS01 and TLSSNI01 challenges if --webroot is used 2016-03-15 11:38:23 +01:00
Adrien Carbonne
4116254e6c Fixed CLI after WebRoot provider was moved 2016-03-14 11:52:45 +01:00
Adrien Carbonne
eb773f17d2 Merge remote-tracking branch 'refs/remotes/xenolf/master' 2016-03-14 11:20:15 +01:00
xenolf
2ae35a755d Rename provider types as provider names are already in the package name. Added package level comments and fixed the name of the interface the providers are importing. 2016-03-11 03:46:09 +01:00
xenolf
b412c67aa6 Move providers out of ACME package. 2016-03-03 01:14:32 +01:00