Commit graph

382 commits

Author SHA1 Message Date
Michael Cross
9350fb4aef http-01 challenge: disable TCP connection reuse
If TCP connection reuse (KeepAlives) are left on then, in a sequence
of challenges arising from a multiple-domain certficate, challenges
after the 1st can fail due to reusing the now defunct tcp connection
used in the first challenge. This has been observed when using the Go
standard library reverse proxy to forward the challenges to Lego.

Fixes #107
2016-02-07 13:40:47 +00:00
xenolf
e4978657b2 Merge pull request #102 from willglynn/aws_authentication
Add support for additional AWS authentication sources
2016-02-07 14:28:57 +01:00
Matt Holt
4efc9abf53 Merge pull request #104 from chrismoos/fix_ocsp
GetOCSPForCert should fail if there are no OCSP servers in the cert.
2016-02-07 05:43:23 -07:00
Chris Moos
7bdc9e26f7 GetOCSPCert should fail if there are no OCSP servers in the cert. 2016-02-06 23:19:32 -07:00
Matt Holt
1bb7d54178 Merge pull request #103 from willglynn/compact_iam_policy
Compact IAM policy
2016-02-06 18:23:21 -07:00
Will Glynn
fa8214b5b8 Reduce IAM policy to a more compact version
`Sid` is optional and can be omitted for brevity.

Both `route53:ListHostedZones` and `route53:GetChange` are allowed for
`*`, so they can be combined into a single statement.

Actions can be combined onto the same line, since it's equivalent JSON.
2016-02-06 19:06:21 -06:00
Will Glynn
13e01e1751 Add support for additional AWS authentication sources
AWS client tools commonly support passing credentials via
`AWS_ACCESS_KEY_ID` + `AWS_SECRET_ACCESS_KEY`, but supporting only this is
insufficient. For example, access key IDs provided by STS require passing in
`AWS_SECURITY_TOKEN` as a third value, and EC2 instances are often provided
dynamic credentials at runtime via the EC2 metadata service.

This changeset makes `lego` attempt to find credentials in the same way that
the `aws` CLI tool attempts to find credentials. The result is even less
auth code than before because `goamz` provides all this with `aws.GetAuth()`.
2016-02-06 18:38:40 -06:00
Matt Holt
1198444908 Merge pull request #99 from jehiah/http_head_error_99
Handle HEAD request errors
2016-02-06 13:20:50 -07:00
Jehiah Czebotar
9dc7fa9d52 httpHead: return error before referencying resp.Body 2016-02-06 15:06:42 -05:00
xenolf
3939b9f20b Merge pull request #98 from jimmycuadra/readme-route53
Add full CLI example and IAM policy for Route 53 to the README.
2016-02-06 20:39:49 +01:00
Jimmy Cuadra
e800e75b59 Add full CLI example and IAM policy for Route 53 to the README. [ci
skip]
2016-02-05 02:44:09 -08:00
xenolf
be4e74d1aa Merge pull request #97 from janeczku/route53-raw-string-literals
Route53 provider fixes
2016-02-05 04:05:25 +01:00
Jan Broer
bae7428c08 Fixes issues with the Present() method of Route53 provider:
- InvalidTXTRDATA error when creating TXT record (closes #94)
- Present() should poll and wait until the status of the record change becomes INSYNC (thanks @oov)

Adds a retry/timeout utility function to dns_challenge.go that may be used in other places
2016-02-04 00:34:52 +01:00
xenolf
031c5b522e Update the CHANGELOG 2016-01-31 00:30:35 +01:00
xenolf
3fed18cce9 Corrected AWS_REGION env variable name 2016-01-31 00:10:46 +01:00
xenolf
29423c6293 Merge pull request #91 from weppos/log-with-name
Add missing domain name for consistency
2016-01-30 23:58:21 +01:00
xenolf
1ab8907f82 Merge pull request #90 from weppos/dnsimple-subdomain
Fix bugs with subdomains
2016-01-30 23:57:27 +01:00
xenolf
b2bdf0c809 Merge pull request #89 from denquixote/lessmagicdnsresolver
dns_challenge preCheckDNS: let system resolver decide IPv4 ./. IPv6.
2016-01-30 23:51:30 +01:00
Simone Carletti
ae7184b339 Add missing domain name for consistency
Before the change:

    2016/01/30 00:23:37 [INFO][simonecarletti.com, foo1.simonecarletti.com, foo2.simonecarletti.com, foo3.simonecarletti.com] acme: Obtaining bundled SAN certificate
    2016/01/30 00:23:38 [INFO][simonecarletti.com] acme: Could not find solver for: tls-sni-01
    2016/01/30 00:23:38 [INFO] acme: Trying to solve DNS-01
    2016/01/30 00:23:42 [INFO][simonecarletti.com] The server validated our request
    2016/01/30 00:23:44 [INFO] acme: Trying to solve DNS-01
    2016/01/30 00:23:47 [INFO][foo1.simonecarletti.com] The server validated our request
    2016/01/30 00:23:49 [INFO][foo2.simonecarletti.com] acme: Could not find solver for: tls-sni-01
    2016/01/30 00:23:49 [INFO][foo2.simonecarletti.com] acme: Could not find solver for: http-01
    2016/01/30 00:23:49 [INFO] acme: Trying to solve DNS-01
    2016/01/30 00:23:53 [INFO][foo3.simonecarletti.com] acme: Could not find solver for: http-01
    2016/01/30 00:23:53 [INFO] acme: Trying to solve DNS-01
    2016/01/30 00:23:56 [INFO][foo3.simonecarletti.com] The server validated our request

After the change:

    2016/01/30 00:27:58 [INFO][simonecarletti.com, foo1.simonecarletti.com, foo2.simonecarletti.com, foo3.simonecarletti.com] acme: Obtaining bundled SAN certificate
    2016/01/30 00:27:59 [INFO][simonecarletti.com] acme: Could not find solver for: http-01
    2016/01/30 00:27:59 [INFO][simonecarletti.com] acme: Trying to solve DNS-01
    2016/01/30 00:28:12 [INFO][simonecarletti.com] The server validated our request
    2016/01/30 00:28:14 [INFO][foo1.simonecarletti.com] acme: Could not find solver for: http-01
    2016/01/30 00:28:14 [INFO][foo1.simonecarletti.com] acme: Trying to solve DNS-01
    2016/01/30 00:28:19 [INFO][foo2.simonecarletti.com] acme: Could not find solver for: http-01
    2016/01/30 00:28:19 [INFO][foo2.simonecarletti.com] acme: Could not find solver for: tls-sni-01
    2016/01/30 00:28:19 [INFO][foo2.simonecarletti.com] acme: Trying to solve DNS-01
    2016/01/30 00:28:22 [INFO][foo1.simonecarletti.com] The server validated our request
2016-01-30 22:17:41 +01:00
Simone Carletti
2e32f171d2 DNSimpleProvider: Fix wrong record deletion
This is a very subtle bug. In some specific circumstances, when the
list of domains in the SAN was > 1, the library may delete the wrong
record (specifically the last one) instead of the matching one.

The issue is explained here
https://groups.google.com/forum/#!topic/golang-nuts/tlWzJUWJKgA

Here's the output from one of the various tests

    ➜  lego git:(dnsimple-subdomain) ✗ DNSIMPLE_DOMAIN=simone.io go test -v ./... --run "TestLiveDNSimpleCleanUp"
    ?       github.com/xenolf/lego    [no test files]
    === RUN   TestLiveDNSimpleCleanUp
    2016/01/30 01:10:45 Empty records:
    2016/01/30 01:10:45 0
    2016/01/30 01:10:46 Fetched records:
    2016/01/30 01:10:46 [{5326536 41571  v=spf1 a include:_spf.google.com ~all 3600 0 TXT 2016-01-26 12:53:42.85 +0000 UTC 2016-01-26 12:53:42.85 +0000 UTC} {5026157 41571 google-site-verification=obstZAG6j2BVxYg696WxAsC46_d1-bzkv7D0qGm4K_0 3600 0 TXT 2015-10-19 11:21:03.586 +0000 UTC 2015-10-19 11:21:03.586 +0000 UTC} {5340655 41571 _acme-challenge ADw2sEd82DUgXcQ9hNBZThJs7zVJkR5v9JeSbAb9mZY 120 0 TXT 2016-01-29 23:52:15.657 +0000 UTC 2016-01-29 23:52:15.657 +0000 UTC} {5340677 41571 _acme-challenge.www1 ADw2sEd82DUgXcQ9hNBZThJs7zVJkR5v9JeSbAb9mZY 120 0 TXT 2016-01-30 00:03:19.89 +0000 UTC 2016-01-30 00:03:19.89 +0000 UTC}]
    2016/01/30 01:10:46 Record name:
    2016/01/30 01:10:46 _acme-challenge
    2016/01/30 01:10:46 {5326536 41571  v=spf1 a include:_spf.google.com ~all 3600 0 TXT 2016-01-26 12:53:42.85 +0000 UTC 2016-01-26 12:53:42.85 +0000 UTC}
    2016/01/30 01:10:46 {5026157 41571 google-site-verification=obstZAG6j2BVxYg696WxAsC46_d1-bzkv7D0qGm4K_0 3600 0 TXT 2015-10-19 11:21:03.586 +0000 UTC 2015-10-19 11:21:03.586 +0000 UTC}
    2016/01/30 01:10:46 {5340655 41571 _acme-challenge ADw2sEd82DUgXcQ9hNBZThJs7zVJkR5v9JeSbAb9mZY 120 0 TXT 2016-01-29 23:52:15.657 +0000 UTC 2016-01-29 23:52:15.657 +0000 UTC}
    2016/01/30 01:10:46 Deleted>>
    2016/01/30 01:10:46 {5340655 41571 _acme-challenge ADw2sEd82DUgXcQ9hNBZThJs7zVJkR5v9JeSbAb9mZY 120 0 TXT 2016-01-29 23:52:15.657 +0000 UTC 2016-01-29 23:52:15.657 +0000 UTC}
    2016/01/30 01:10:46 >>Deleted
    2016/01/30 01:10:46 {5340677 41571 _acme-challenge.www1 ADw2sEd82DUgXcQ9hNBZThJs7zVJkR5v9JeSbAb9mZY 120 0 TXT 2016-01-30 00:03:19.89 +0000 UTC 2016-01-30 00:03:19.89 +0000 UTC}
    2016/01/30 01:10:46 Record to delete:
    2016/01/30 01:10:46 1
    2016/01/30 01:10:46 {5340677 41571 _acme-challenge.www1 ADw2sEd82DUgXcQ9hNBZThJs7zVJkR5v9JeSbAb9mZY 120 0 TXT 2016-01-30 00:03:19.89 +0000 UTC 2016-01-30 00:03:19.89 +0000 UTC}
    2016/01/30 01:10:46 Record to delete (foos):
    2016/01/30 01:10:46 [{5340655 41571 _acme-challenge ADw2sEd82DUgXcQ9hNBZThJs7zVJkR5v9JeSbAb9mZY 120 0 TXT 2016-01-29 23:52:15.657 +0000 UTC 2016-01-29 23:52:15.657 +0000 UTC}]
    2016/01/30 01:10:46 Found records to delete:
    2016/01/30 01:10:46 1
    2016/01/30 01:10:46 [0xc8203be240]
    2016/01/30 01:10:46 &{5340677 41571 _acme-challenge.www1 ADw2sEd82DUgXcQ9hNBZThJs7zVJkR5v9JeSbAb9mZY 120 0 TXT 2016-01-30 00:03:19.89 +0000 UTC 2016-01-30 00:03:19.89 +0000 UTC}
    --- PASS: TestLiveDNSimpleCleanUp (3.10s)
    PASS
    ok      github.com/xenolf/lego/acme    3.121s

The record 5340655 was supposed to be deleted, but 5340677 was deleted
instead (notice how the deleted record was always the last one in the
returned record set).

And of course the validation never passed

    ➜  letsencrypt-dnsimple git:(master) go run main.go --user xxx --api-key "xxx" --email "xxx@gmail.com" simone.io,foo1.simone.io,foo2.simone.io,foo3.simone.io
    2016/01/30 00:27:55 .data/users/xxx@gmail.com
    2016/01/30 00:27:55 {xxx@gmail.com <nil> 0xc82009a300}
    2016/01/30 00:27:56 [INFO] acme: Registering account for xxx@gmail.com
    2016/01/30 00:27:57 &{{ 116016 {RSA xxx} [mailto:xxx@gmail.com]   } https://acme-staging.api.letsencrypt.org/acme/reg/116016 https://acme-staging.api.letsencrypt.org/acme/new-authz https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf}
    2016/01/30 00:27:58 [INFO][simone.io, foo1.simone.io, foo2.simone.io, foo3.simone.io] acme: Obtaining bundled SAN certificate
    2016/01/30 00:27:59 [INFO][simone.io] acme: Could not find solver for: http-01
    2016/01/30 00:27:59 [INFO][simone.io] acme: Trying to solve DNS-01
    2016/01/30 00:28:00 simone.io
    2016/01/30 00:28:00 &{0 0 _acme-challenge Uo7cIEDgw_sCgZhSOML_GU4DkKlgpB6p1Et8lxRVGLI 120 0 TXT <nil> <nil>}
    2016/01/30 00:28:12 [INFO][simone.io] The server validated our request
    2016/01/30 00:28:14 &{5340584 41571 _acme-challenge Uo7cIEDgw_sCgZhSOML_GU4DkKlgpB6p1Et8lxRVGLI 120 0 TXT 2016-01-29 23:28:00.828 +0000 UTC 2016-01-29 23:28:00.828 +0000 UTC}
    2016/01/30 00:28:14 [INFO][foo1.simone.io] acme: Could not find solver for: http-01
    2016/01/30 00:28:14 [INFO][foo1.simone.io] acme: Trying to solve DNS-01
    2016/01/30 00:28:15 simone.io
    2016/01/30 00:28:15 &{0 0 _acme-challenge.foo1 l_HB5ctb2M86FVcgpCaWgURVhCePNY9KIVQ0tsVH2Ew 120 0 TXT <nil> <nil>}
    2016/01/30 00:28:19 &{5340585 41571 _acme-challenge.foo1 l_HB5ctb2M86FVcgpCaWgURVhCePNY9KIVQ0tsVH2Ew 120 0 TXT 2016-01-29 23:28:15.996 +0000 UTC 2016-01-29 23:28:15.996 +0000 UTC}
    2016/01/30 00:28:19 [INFO][foo2.simone.io] acme: Could not find solver for: http-01
    2016/01/30 00:28:19 [INFO][foo2.simone.io] acme: Could not find solver for: tls-sni-01
    2016/01/30 00:28:19 [INFO][foo2.simone.io] acme: Trying to solve DNS-01
    2016/01/30 00:28:20 simone.io
    2016/01/30 00:28:20 &{0 0 _acme-challenge.foo2 rohi66Q0VHSEu0kR3LcGPkFEIftt47xHfeQercf8frU 120 0 TXT <nil> <nil>}
    2016/01/30 00:28:22 [INFO][foo2.simone.io] The server validated our request
    2016/01/30 00:28:23 &{5340586 41571 _acme-challenge.foo2 rohi66Q0VHSEu0kR3LcGPkFEIftt47xHfeQercf8frU 120 0 TXT 2016-01-29 23:28:21.051 +0000 UTC 2016-01-29 23:28:21.051 +0000 UTC}
    2016/01/30 00:28:24 [INFO][foo3.simone.io] acme: Could not find solver for: tls-sni-01
    2016/01/30 00:28:24 [INFO][foo3.simone.io] acme: Could not find solver for: http-01
    2016/01/30 00:28:24 [INFO][foo3.simone.io] acme: Trying to solve DNS-01
    2016/01/30 00:28:25 simone.io
    2016/01/30 00:28:25 &{0 0 _acme-challenge.foo3 gmn1sKV_0gP3BiOT3yZQywZq95akKRGup0IJs1cqdVo 120 0 TXT <nil> <nil>}
    2016/01/30 00:28:27 [INFO][foo3.simone.io] The server validated our request
    2016/01/30 00:28:28 &{5340587 41571 _acme-challenge.foo3 gmn1sKV_0gP3BiOT3yZQywZq95akKRGup0IJs1cqdVo 120 0 TXT 2016-01-29 23:28:25.616 +0000 UTC 2016-01-29 23:28:25.616 +0000 UTC}
    2016/01/30 00:28:28 map[foo1.simone.io:acme: Error 0 - urn:acme:error:connection - DNS problem: NXDOMAIN looking up TXT for _acme-challenge.foo1.simone.io
    Error Detail:
    ]
    exit status 1

This is the result of the latest (successful) run:

    ➜  letsencrypt-dnsimple git:(master) ✗ go run main.go --user xxx --api-key "xxx" --email "xxx@gmail.com" simone.io,yy.simone.io,xx.simone.io
    2016/01/30 21:34:01 .data/users/xxx@gmail.com
    2016/01/30 21:34:01 {xxx@gmail.com <nil> 0xc820070480}
    2016/01/30 21:34:02 [INFO] acme: Registering account for xxx@gmail.com
    2016/01/30 21:34:03 &{{ 116199 {RSA xxx} [mailto:xxx@gmail.com]   } https://acme-staging.api.letsencrypt.org/acme/reg/116199 https://acme-staging.api.letsencrypt.org/acme/new-authz https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf}
    2016/01/30 21:34:03 [INFO][simone.io, yy.simone.io, xx.simone.io] acme: Obtaining bundled SAN certificate
    2016/01/30 21:34:04 [INFO][simone.io] acme: Could not find solver for: tls-sni-01
    2016/01/30 21:34:04 [INFO][simone.io] acme: Could not find solver for: http-01
    2016/01/30 21:34:04 [INFO][simone.io] acme: Trying to solve DNS-01
    2016/01/30 21:34:13 [INFO][simone.io] The server validated our request
    2016/01/30 21:34:14 Searching for
    2016/01/30 21:34:14 simone.io
    2016/01/30 21:34:15 To delete:
    2016/01/30 21:34:15 {5341831 41571 _acme-challenge TX8-77TN9XHZHO510Yw20u1j89UhdgGXcwScKZHRGNY 120 0 TXT 2016-01-30 20:34:05.859 +0000 UTC 2016-01-30 20:34:05.859 +0000 UTC}
    2016/01/30 21:34:15 Will delete:
    2016/01/30 21:34:15 [{5341831 41571 _acme-challenge TX8-77TN9XHZHO510Yw20u1j89UhdgGXcwScKZHRGNY 120 0 TXT 2016-01-30 20:34:05.859 +0000 UTC 2016-01-30 20:34:05.859 +0000 UTC}]
    2016/01/30 21:34:15 [INFO][yy.simone.io] acme: Could not find solver for: http-01
    2016/01/30 21:34:15 [INFO][yy.simone.io] acme: Could not find solver for: tls-sni-01
    2016/01/30 21:34:15 [INFO][yy.simone.io] acme: Trying to solve DNS-01
    2016/01/30 21:34:18 [INFO][yy.simone.io] The server validated our request
    2016/01/30 21:34:19 Searching for
    2016/01/30 21:34:19 yy.simone.io
    2016/01/30 21:34:19 To delete:
    2016/01/30 21:34:19 {5341832 41571 _acme-challenge.yy pHolYM_OqxCThmL3nBA91qRCI6-oEIMG0YOJj3R1Xww 120 0 TXT 2016-01-30 20:34:17.176 +0000 UTC 2016-01-30 20:34:17.176 +0000 UTC}
    2016/01/30 21:34:19 Will delete:
    2016/01/30 21:34:19 [{5341832 41571 _acme-challenge.yy pHolYM_OqxCThmL3nBA91qRCI6-oEIMG0YOJj3R1Xww 120 0 TXT 2016-01-30 20:34:17.176 +0000 UTC 2016-01-30 20:34:17.176 +0000 UTC}]
    2016/01/30 21:34:20 [INFO][xx.simone.io] acme: Could not find solver for: tls-sni-01
    2016/01/30 21:34:20 [INFO][xx.simone.io] acme: Trying to solve DNS-01
    2016/01/30 21:34:23 [INFO][xx.simone.io] The server validated our request
    2016/01/30 21:34:23 Searching for
    2016/01/30 21:34:23 xx.simone.io
    2016/01/30 21:34:24 To delete:
    2016/01/30 21:34:24 {5341833 41571 _acme-challenge.xx LEr6l7KJCr6e7LlqyQgAbZbKCRmLFa5zNC8kNHK1FtQ 120 0 TXT 2016-01-30 20:34:21.793 +0000 UTC 2016-01-30 20:34:21.793 +0000 UTC}
    2016/01/30 21:34:24 Will delete:
    2016/01/30 21:34:24 [{5341833 41571 _acme-challenge.xx LEr6l7KJCr6e7LlqyQgAbZbKCRmLFa5zNC8kNHK1FtQ 120 0 TXT 2016-01-30 20:34:21.793 +0000 UTC 2016-01-30 20:34:21.793 +0000 UTC}]
    2016/01/30 21:34:25 [INFO][simone.io, yy.simone.io, xx.simone.io] acme: Validations succeeded; requesting certificates
    2016/01/30 21:34:26 [INFO] acme: Requesting issuer cert from https://acme-staging.api.letsencrypt.org/acme/issuer-cert
    2016/01/30 21:34:26 [INFO][simone.io] Server responded with a certificate.
    [INFO][https://acme-staging.api.letsencrypt.org/acme/cert/fae971fcb1ce12 c4d3bb95a1f577786cccfe] Certificate simone.io, yy.simone.io, xx.simone.io2016/01/30 21:34:26 145 <nil>
    2016/01/30 21:34:26 .data/certs/1454186041
    2016/01/30 21:34:26 completed!
2016-01-30 22:14:29 +01:00
Den Quixote
0e53e51ba5 dns_challenge preCheckDNS: let system resolver decide IPv4 ./. IPv6.
We can ask the OS resolver for the IP of Google's public anycast DNS.
No need to "bootstrap" with literal IP address. The OS resolver knows
best about IPv4 ./. IPv6.

Mostly fixes #88.
2016-01-30 19:39:10 +01:00
xenolf
316cb44f80 Update usage in README 2016-01-30 02:43:35 +01:00
xenolf
83bfa084f8 Merge pull request #83 from weppos/patch-1
Mark DNS challenge as completed in the README
2016-01-30 02:41:58 +01:00
xenolf
2bcf74c1c4 Add DNS01 support to the CLI 2016-01-30 02:40:57 +01:00
Simone Carletti
753f9ca798 DNSimpleProvider: Fix bug with subdomains
When requesting a certificate for a subdomain, the DNS record was
attached to the domain instead.

E.g.

Requested:

    ww1.example.com

Created:

   _acme-challenge.example.com

instead of

    _acme-challenge.ww1.example.com
2016-01-30 00:03:50 +01:00
Simone Carletti
adc8afbb89 Update the path to the go lib 2016-01-29 23:47:56 +01:00
xenolf
815d8bba0c Merge pull request #84 from weppos/dnsimple
Add DNSimple DNS support
2016-01-29 23:06:42 +01:00
xenolf
54e272aaa3 Fix regression in Renew with SAN.
re-apply 5930ea52f0
Fixes #87
2016-01-29 14:10:57 +01:00
Matthew Holt
cf4ca2a89d Use http.DefaultClient
The Go docs recommend this.
2016-01-27 20:43:51 -07:00
xenolf
0a560b8761 Merge pull request #86 from xenolf/dns-do
Add DigitalOcean DNS provider
2016-01-27 02:04:13 +01:00
Matthew Holt
b42b256d5c Add DigitalOcean DNS provider
Also a few vet/lint fixes and improved some error messages
2016-01-26 17:57:55 -07:00
Simone Carletti
d70e2869d2 Move toFqdn and unFqdn into a shared place (see GH-84) 2016-01-26 16:37:50 +01:00
Simone Carletti
08516614dd DNSimpleProvider: implement Present/CleanUp 2016-01-26 15:09:33 +01:00
Simone Carletti
6a3297e36f DNSimpleProvider: fetch credentials from env
I also had to rename the `envAuth()` in the Cloudflare implementation
to avoid the "redeclared" error

    acme/dns_challenge_dnsimple.go:41: envAuth redeclared in this block
        previous declaration at acme/dns_challenge_cloudflare.go:154
2016-01-26 13:13:40 +01:00
Simone Carletti
bcfce0809a DNSimpleProvider: Check valid credentials 2016-01-26 12:25:51 +01:00
Simone Carletti
3f4b078329 Basic DNSimple implementation for DNSProvider 2016-01-26 12:14:10 +01:00
Simone Carletti
76c2c641bb Mark DNS challenge as completed in the README
It looks like it was merged in 602aeba6c1
2016-01-25 22:12:41 +01:00
xenolf
50031525c9 Fix DNS-01 challenge resource property 2016-01-25 00:32:47 +01:00
xenolf
08cd016ed3 Switch DNS-01 challenge over to central validation function 2016-01-25 00:23:21 +01:00
xenolf
0c1adedebe Merge pull request #76 from jehiah/custom_http_challenge_76
http-01: refactor provider for presenting token
2016-01-25 00:10:30 +01:00
Jehiah Czebotar
617dd4d37c Refactor challenge providers to new ChallengeProvider interface
* new ChallengeProvider with Present and CleanUp methods
* new Challenge type describing `http-01`, `tls-sni-01`, `dns-01`
* new client.SetChallengeProvider to support custom implementations
2016-01-24 16:10:50 -05:00
Matt Holt
2e5ae296cc Merge pull request #82 from tsileo/patch-1
Fix the example in the README
2016-01-24 08:21:21 -07:00
Thomas Sileo
1040a2f5df Fix the example in the README
The change fixes the example in the README.

`ObtainCertificate` returns a map of "failures" and not a standard error as second return value.
2016-01-24 12:47:13 +01:00
Matthew Holt
1ceed018fd Tweak comment 2016-01-22 13:39:32 -07:00
xenolf
640e48ec80 Merge pull request #80 from janeczku/route53-getzones
Making sure we get all zones from Route53
2016-01-22 20:26:19 +01:00
Jan Broer
323bb88640 Fetch remaining zones when response is truncated.
Route53 API won’t return more than 100 zones per request.
2016-01-22 18:50:18 +01:00
xenolf
50be32a69e Change maximum zone number requested from Route53 to Math.MaxInt32 from MaxInt64.
Fixes #79.
2016-01-22 18:18:53 +01:00
xenolf
5992793edd Refactor DNS precheck 2016-01-22 02:25:27 +01:00
xenolf
602aeba6c1 Merge branch 'add-dns-challenge' 2016-01-22 01:51:10 +01:00
xenolf
a3f134e3fb Check DNS entry for validity before hitting boulder 2016-01-22 01:38:15 +01:00