Commit graph

27 commits

Author SHA1 Message Date
Ludovic Fernandez
e7fd871a9c
ACME V2 support (#555) 2018-05-30 19:53:04 +02:00
Unknown
f3fc555a98 Add explicit calls to disable authz on errors 2017-04-27 01:46:52 +02:00
Joe Shaw
e9c3078492 add issuer certificate to CertificateResource (#325)
* add issuer certificate to CertificateResource

Also write it out to the file system when running "lego run"

Removed caching of the issuer certificate inside the acme client, since
it didn't appear to be used.

* only append issuerCert to issuedCert in case of success

Effectively a no-op since issuerCert will be nil on error, but it seems
more correct to only do it if fetching the issuer succeeds.
2016-12-14 00:22:48 +01:00
Ely Deckers
4083ff8bc3 Fix duplicate json tag in recoveryKeyMessage
Fixed issue by removing unused recoveryKeyMessage struct

Issue appears in Go 1.8+ due to this improvement to vet:
https://go-review.googlesource.com/#/c/16704/
2016-10-15 19:32:28 +02:00
Chris Marchesi
575370e196 cert: Extend acme.CertificateResource, support CSRs on renew
client.RenewCertificate now supports CSRs, and in fact prefers them,
when renewing certificates. In other words, if the certificate was
created via a CSR then using that will be attempted before re-generating
off a new private key.

Also adjusted the API of ObtainCertificateForCSR to be a little
more in line with the original ObtainCertificate function.
2016-06-14 21:15:25 -07:00
Chris Marchesi
3028225371 reg: Add Query and Delete functions
Add 2 new functions to acme.Client for registration stuff:

 * QueryRegistration: This performs a POST on the client
   registration's URI and gets the updated registration info.
 * DeleteRegistration: This deletes the registration as currently
   configured in the client.

The latter, while a part of the IETF draft, may not be 100%
functional in LE yet, my tests showed that resources were still
available after deletion.
2016-06-08 16:36:42 -07:00
Cedric Staub
6528bf217e Build with go-jose.v1 instead of master 2016-03-27 12:38:49 -07:00
xenolf
98c95e83c9 Add link to account to certificate meta data. 2016-03-14 03:29:29 +01:00
xenolf
0e26bb45ca Add support for EC certificates / account keys 2016-02-21 04:18:45 +01:00
Jehiah Czebotar
617dd4d37c Refactor challenge providers to new ChallengeProvider interface
* new ChallengeProvider with Present and CleanUp methods
* new Challenge type describing `http-01`, `tls-sni-01`, `dns-01`
* new client.SetChallengeProvider to support custom implementations
2016-01-24 16:10:50 -05:00
xenolf
f08c15df80 Use boulder error messages. 2015-12-11 17:16:24 +01:00
xenolf
e8d64bb50b WIP TLS-SNI-01
[ci skip]
2015-11-22 19:31:16 +01:00
Jan Zak
5f566d2e0c Add JSON tags to RegistrationResource as used in official client 2015-11-13 20:20:15 +01:00
xenolf
ba66756d4e Initial work on HTTP-01 2015-11-12 21:42:57 +01:00
xenolf
998a8325aa Move back to square/go-jose 2015-11-12 02:06:22 +01:00
xenolf
51a95ee548 Add initial support for certificate bundling 2015-10-24 03:55:18 +02:00
xenolf
4d99c9e543 Support for RecoveryKey (not enabled). But not supported server side... 2015-10-23 16:24:02 +02:00
xenolf
29a27ba807 Make CertResources json savable. Fix cli_handlers to use it. 2015-10-19 00:40:59 +02:00
xenolf
caa6e78289 Clean some stuff up and refactor getCerts for some concurrency. 2015-10-18 02:16:15 +02:00
xenolf
b3035b16b5 Support for cert revocation 2015-09-27 14:51:44 +02:00
xenolf
e5f6f4c4a3 Changed the client to pull the urls down from the directory on the CA server.
CA Url now needs to point to the root of the CA
2015-09-26 22:59:16 +02:00
xenolf
37b20117bf Update everything to work with the latest boulder updates. 2015-09-26 19:45:52 +02:00
xenolf
1ceebb72a2 Add Authorizations to CSR request message 2015-06-13 04:10:32 +02:00
xenolf
612033a83a Flesh out run cli_handler for error handling and saving certificates 2015-06-13 03:56:34 +02:00
xenolf
a2d9bf4cc3 Initial version of the SimpleHTTPS challenge 2015-06-13 03:55:53 +02:00
xenolf
7aab5562c1 Move CLI handlers to their own file
Implement Tos accept and start obtain certificates
2015-06-08 23:54:15 +02:00
xenolf
ea47f1137a Base implementation with registration support 2015-06-08 02:36:07 +02:00