summaryrefslogtreecommitdiff
path: root/src/ejabberd_acme.erl (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Change file mode of ACME certficatesEvgeniy Khramtsov2017-11-191-4/+10
|
* Re-read ACME certificates on config reloadEvgeniy Khramtsov2017-11-191-1/+3
|
* Fix renew_certificates ejabberdctl commandEvgeniy Khramtsov2017-11-171-3/+3
| | | | Thanks to Konstantinos Kallas
* Don't forget to include intermediate ACME certificateEvgeniy Khramtsov2017-11-171-3/+7
| | | | Thanks to Konstantinos Kallas
* Fix ACME options validationEvgeniy Khramtsov2017-11-171-2/+2
|
* Improve ACME options validationEvgeniy Khramtsov2017-11-171-11/+12
|
* Move ejabberdctl ACME commands to other locationEvgeniy Khramtsov2017-11-171-22/+73
|
* Make ACME code working with ejabberd_pkixEvgeniy Khramtsov2017-11-171-63/+67
|
* Merge branch 'lets_encrypt_acme_support' of ↵Evgeniy Khramtsov2017-11-151-0/+3
| | | | | | | | git://github.com/angelhof/ejabberd into angelhof-lets_encrypt_acme_support Conflicts: rebar.config src/ejabberd_pkix.erl
* Explain what is needed for the acme configuration and other small changesKonstantinos Kallas2017-11-141-32/+47
| | | | | | | 1. Add a request handler in ejabberd_http and explain how to configure the http listener so that the challenges can be solved. 2. Make acme configuration optional by providing defaults in ejabberd_acme. 3. Save the CA that the account has been created in so that it creates a new account when connecting to a new CA. 4. Small spec change in acme configuration.
* Solve Travis build xref problemKonstantinos Kallas2017-09-061-5/+18
| | | | | Travis build failed on xref because some functions that I used did not exist in OTP versions 17.5, 18.3 Those functions are: ets:take/2, lists:join/2, erlang:timestamp/0.
* Remove some unused variable warnings, replace lists:join with string joinKonstantinos Kallas2017-08-251-7/+6
|
* Show SANs in list_CertificatesKonstantinos Kallas2017-08-221-9/+37
|
* Acquire certificates for all subdomains of a host and include them in SANKonstantinos Kallas2017-08-221-10/+42
|
* Remove partial RSA key supportKonstantinos Kallas2017-08-221-20/+0
|
* Add certfile when acquiredKonstantinos Kallas2017-08-221-0/+1
|
* Remove some debugging INFO_MSGsKonstantinos Kallas2017-08-191-3/+0
|
* Delete a development acme moduleKonstantinos Kallas2017-08-191-1/+1
|
* Merge remove_account_option branchKonstantinos Kallas2017-08-191-12/+16
|\
| * Remove the new account option from get certificate. There is no reason for ↵Konstantinos Kallas2017-08-111-13/+17
| | | | | | | | having this
* | Cleanup some comments:Konstantinos Kallas2017-08-191-5/+0
| |
* | Add acme certificates for all configured hosts in ejabberd_pkixKonstantinos Kallas2017-08-191-0/+21
| |
* | Add behaviour ejabberd_config in ejabberd_acme in order to validate the configKonstantinos Kallas2017-08-191-4/+36
| |
* | Change some specsKonstantinos Kallas2017-08-121-8/+8
| |
* | Add support to revoke a certificate by providing the pemKonstantinos Kallas2017-08-121-12/+40
| | | | | | | | This is important so that a user can revoke a certificate that is not acquired or logged from our acme client
* | Move the ca_url to the config fileKonstantinos Kallas2017-08-121-10/+24
|/
* Format expired certificates differently in list_certificatesKonstantinos Kallas2017-08-111-10/+23
|
* Renew certificate now renews all saved certificates that are close to expireKonstantinos Kallas2017-08-101-32/+15
| | | | Before this commit renew_certificate only checked the hosts in the config file and renewd the certificates for those. However the user can request certificates apart from the hosts in the config file so he should be able to also renew them.
* Revoke Certificate: Jose Private KeyKonstantinos Kallas2017-08-101-6/+39
| | | | Instead of signing the jose object with the account private key, it now signs the object using the certificate private key. This is useful in case the user wants to revoke a old certificate whose account key doesn't exist anymore.
* Support getting certificates for domains not specified in the configuration fileKonstantinos Kallas2017-08-101-17/+35
|
* Remove some debugging functionsKonstantinos Kallas2017-08-081-211/+1
|
* Implement renew_certificate commandKonstantinos Kallas2017-08-081-41/+144
| | | | This command renews the certificates for all domains that already have a certificate that has expired or is close to expiring. It is meant to be run automatically more often than the renewal process because if the certificates are valid nothing happens
* Try catch when formatting certificatesKonstantinos Kallas2017-08-081-21/+40
|
* Change certificate notAfter to 90 daysKonstantinos Kallas2017-08-081-5/+2
| | | | As stated in Let's Encrypt FAQ: https://letsencrypt.org/docs/faq/
* Improve return format of get_certificates commandKonstantinos Kallas2017-08-021-4/+37
|
* Implement verbose list_certificates optionKonstantinos Kallas2017-08-021-11/+20
|
* Finish revoke_certificate and add specsKonstantinos Kallas2017-07-291-140/+201
| | | | | 1. Add a try catch in the final revoke_certificate function 2. Also delete the certificate from persistent memory when it is done revoked
* Support certificate revocationKonstantinos Kallas2017-07-271-4/+68
|
* Encode strings using a library function and not my custom madeKonstantinos Kallas2017-07-251-16/+13
|
* Add a try catch arounf list certificatesKonstantinos Kallas2017-07-231-0/+11
|
* Pretty print list-certificatesKonstantinos Kallas2017-07-181-16/+51
|
* Print validity in list-certificatesKonstantinos Kallas2017-07-171-3/+31
|
* Add a stub for the list-certificates commandKonstantinos Kallas2017-07-171-0/+19
|
* Remove httpdir from some function arguments as we now use the built in ↵Konstantinos Kallas2017-07-171-18/+18
| | | | ejabberd http server for authorizations
* Save acquired certificates in persistent storageKonstantinos Kallas2017-07-171-9/+71
|
* Change the persistent data structure from a record to a proplistKonstantinos Kallas2017-07-171-8/+8
| | | | | This is done so that possible future updates to the data structure don't break existing code. With this change it will be possible to update the data structure and keep the same old persistent data file, which will still have the expected list format but with more properties
* Separate the persistent data structure functionsKonstantinos Kallas2017-07-171-17/+26
|
* Make some persistent data wrapper functionsKonstantinos Kallas2017-07-171-12/+17
|
* Solve acme challenges using built in http serverKonstantinos Kallas2017-07-121-7/+6
|
* Changle acme file permissionsKonstantinos Kallas2017-07-111-15/+48
| | | | Also changed some specs
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-12 23:38:01 +0000