xenolf
466af28672
Extract validateFunc from httpChallenge and tlsSNIChallenge
2015-12-27 19:08:17 +01:00
xenolf
523f3eb250
Change SetHTTPSPort to SetTLSPort
2015-12-27 18:56:36 +01:00
xenolf
0e857b2fef
Adapt CLI to changes in lib
...
- Change explicit include of challenges to explicit exclude
- Add CLI switches for HTTP and TLS ports
2015-12-27 18:35:19 +01:00
xenolf
053dc4cfb1
Extract mutation of client into functions
2015-12-27 18:28:54 +01:00
xenolf
595f684e27
Merge branch 'master' of https://github.com/tommie/lego into refactor-client
...
# Conflicts:
# acme/client.go
# acme/http_challenge.go
# acme/http_challenge_test.go
# acme/tls_sni_challenge.go
# cli.go
# cli_handlers.go
2015-12-27 17:38:49 +01:00
Mustafa Altun
f3df6b81b2
Fix gofmt errors
2015-12-24 10:57:09 +02:00
xenolf
c2630f8eb7
Limit ioutil.ReadAll calls in client as well
2015-12-21 02:44:25 +01:00
xenolf
00af84d91b
Close response body in getIssuerCertificate
2015-12-21 02:44:25 +01:00
xenolf
136cc73ff8
Move call to ObtainSANCertificate
2015-12-18 17:55:43 +01:00
xenolf
5930ea52f0
lib: make renew aware of SAN
2015-12-18 17:55:43 +01:00
xenolf
c13968859a
tweak log messages a bit
2015-12-15 21:21:12 +01:00
xenolf
a23289899c
Fix typo
2015-12-07 16:58:01 +01:00
xenolf
54e96f6fc5
Document that ObtainSANCertificate will never return a partial certificate on error.
2015-12-07 16:51:28 +01:00
Tommie Gannert
e32b9abfb2
Remove ObtainCertificates and rename ObtainSANCertificate to ObtainCertificate.
...
Also removes revokation abilities from RenewCertificate.
Makes the API more orthogonal. These things are not provided by the
ACME protocol, but were convenience helpers.
2015-12-05 22:07:12 +00:00
Tommie Gannert
71624f607a
Replace exponential back-off in validate with Retry-After header.
...
Last paragraph of ACME spec, section 6.5:
To check on the status of an authorization, the client sends a GET
request to the authorization URI, and the server responds with the
current authorization object. In responding to poll requests while
the validation is still in progress, the server MUST return a 202
(Accepted) response with a Retry-After header field.
2015-12-05 21:32:53 +00:00
Tommie Gannert
b2c88d7a5d
Make solvers configurable.
...
Allows selecting which solvers are available, and specifying options for them.
2015-12-05 21:01:08 +00:00
Tommie Gannert
039b7c50dc
Use postJSON and getJSON wherever possible.
...
Encapsulates JSON marshalling.
2015-12-05 15:59:15 +00:00
Tommie Gannert
2dc2fdd1af
Split off tests for validate, simplifying HTTP-01 and TLS-SNI-01 tests.
2015-12-05 15:09:29 +00:00
Tommie Gannert
58a2fd2267
Split off validation function.
...
This is a loop that interacts with the ACME server, not the individual challenges.
Also switch to exponential back-off polling for good measure.
2015-12-05 11:52:24 +00:00
xenolf
22622438fd
Implement TLS-SNI-01 to match Boulder. Not spec conform.
2015-11-22 19:31:16 +01:00
Matthew Holt
974f2fa929
Don't try appending /directory to caURL (spec doesn't require it)
...
Also improved some comments/docs and fixed a test
2015-11-20 12:01:06 -07:00
xenolf
f2389fda58
Remove simpleHTTP - Update README
2015-11-18 22:17:02 +01:00
xenolf
7662cbcec5
Merge pull request #30 from xenolf/add-san-cert
...
Add SAN certificates - fix #20
2015-11-18 22:07:54 +01:00
xenolf
f41ed4f9de
Remove unneeded function
2015-11-18 21:41:27 +01:00
xenolf
caba7ddee7
Add comment to ObtainSANCertificate
2015-11-18 19:53:42 +01:00
xenolf
3be490f6cb
Change how challenge order is preserved as suggested by @zakjan
2015-11-18 19:44:47 +01:00
xenolf
b9ba9e58b3
Return the right error
2015-11-17 23:07:13 +01:00
xenolf
6671fd137c
Make sure the challenges do not get re-ordered for SAN certs
2015-11-17 22:22:25 +01:00
xenolf
c849ca1b90
If any challenge fails - return an error
2015-11-17 19:45:15 +01:00
xenolf
83dc16fa5e
Add the http-01 challenge to the list of solvers
2015-11-12 22:32:27 +01:00
xenolf
3409740d33
Fix nonce starvation bug in SimpleHTTP - fix tests
2015-11-12 02:55:28 +01:00
xenolf
b958bd2da4
Make the CA URL accept /directory. #23
2015-11-11 13:51:03 +01:00
xenolf
27a8cff3c6
Initial support for SAN certificates
2015-11-11 01:01:15 +01:00
Matthew Holt
10f2b59add
Removed unused functions, more consistent/readable debugging
2015-11-06 23:22:32 -07:00
Matthew Holt
6f9e487d7d
Make acme.Logger optional; otherwise use standard log.Logger
...
Also fixed lil' vet warning
2015-11-05 23:43:42 -07:00
xenolf
a2867a0c18
Add TOSError and change ObtainCertificates to return errors by domain.
2015-11-02 01:01:00 +01:00
xenolf
ee2c7f3ad7
Library support for optional email
2015-10-31 00:12:12 +01:00
xenolf
3842dc6432
Forward server error messages to the caller
...
Fixes #18 .
2015-10-29 01:42:05 +01:00
Matthew Holt
56d50cebd8
Replaced fatal with print; return errors from NewClient
2015-10-27 17:00:42 -06:00
xenolf
8b16d59831
Remove devMode from library and cli.
2015-10-26 00:47:37 +01:00
xenolf
8d31bb0123
Remove challenge pre-checks.
...
We won't ever be able to do this properly for all possible scenarios.
2015-10-26 00:40:11 +01:00
xenolf
537a0b74fd
Update client.go
2015-10-25 23:37:26 +01:00
xenolf
2afea79309
Fix cert bundle order
2015-10-24 04:31:12 +02:00
xenolf
51a95ee548
Add initial support for certificate bundling
2015-10-24 03:55:18 +02:00
xenolf
4d99c9e543
Support for RecoveryKey (not enabled). But not supported server side...
2015-10-23 16:24:02 +02:00
xenolf
3ddf33c8c3
Change name of AgreeToTos to AgreeToTOS.
...
According to https://github.com/golang/go/wiki/CodeReviewComments#initialisms
2015-10-23 10:17:51 +02:00
Matthew Holt
5efb56a1d4
Fix file descriptor leaks
2015-10-21 22:16:36 -06:00
xenolf
e74d5d4586
Make cert revocation on renewal optional. Also change signature of renew.
2015-10-19 03:20:41 +02:00
xenolf
0cd31861d3
Implement renewal. Fixes #7
2015-10-19 00:42:04 +02:00
xenolf
10b0192255
Fix goroutine leak.
...
Fixes #10
Tired coding is bad for you, mkay?
2015-10-18 17:27:59 +02:00