pogpp/lego
1
0
Fork 0
forked from TrueCloudLab/lego
Code Pull requests Activity
lego/e2e/fixtures/certs
History
Ludovic Fernandez 42941ccea6
Refactor the core of the lib (#700) 
- Packages
- Isolate code used by the CLI into the package `cmd`
- (experimental) Add e2e tests for HTTP01, TLS-ALPN-01 and DNS-01, use [Pebble](https://github.com/letsencrypt/pebble) and [challtestsrv](https://github.com/letsencrypt/boulder/tree/master/test/challtestsrv) 
- Support non-ascii domain name (punnycode)
- Check all challenges in a predictable order
- No more global exported variables
- Archive revoked certificates
- Fixes revocation for subdomains and non-ascii domains
- Disable pending authorizations
- use pointer for RemoteError/ProblemDetails
- Poll authz URL instead of challenge URL
- The ability for a DNS provider to solve the challenge sequentially
- Check all nameservers in a predictable order
- Option to disable the complete propagation Requirement
- CLI, support for renew with CSR
- CLI, add SAN on renew
- Add command to list certificates.
- Logs every iteration of waiting for the propagation
- update DNSimple client
- update github.com/miekg/dns
2018-12-06 22:50:17 +01:00
..
localhost Refactor the core of the lib (#700) 2018-12-06 22:50:17 +01:00
pebble.minica.key.pem Refactor the core of the lib (#700) 2018-12-06 22:50:17 +01:00
pebble.minica.pem Refactor the core of the lib (#700) 2018-12-06 22:50:17 +01:00
README.md Refactor the core of the lib (#700) 2018-12-06 22:50:17 +01:00

README.md

certs/

This directory contains a CA certificate (pebble.minica.pem) and a private key (pebble.minica.key.pem) that are used to issue a end-entity certificate (See certs/localhost) for the Pebble HTTPS server.

To get your testing code to use Pebble without HTTPS errors you should configure your ACME client to trust the pebble.minica.pem CA certificate. Your ACME client should offer a runtime option to specify a list of root CAs that you can configure to include the pebble.minica.pem file.

Do not add this CA certificate to the system trust store or in production code!!! The CA's private key is public and anyone can use it to issue certificates that will be trusted by a system with the Pebble CA in the trust store.

To re-create all of the Pebble certificates run:

minica -ca-cert pebble.minica.pem \
       -ca-key pebble.minica.key.pem \
       -domains localhost,pebble \
       -ip-addresses 127.0.0.1

From the test/certs/ directory after installing MiniCA