Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Change file mode of ACME certficates | Evgeniy Khramtsov | 2017-11-19 | 1 | -4/+10 |
| | |||||
* | Re-read ACME certificates on config reload | Evgeniy Khramtsov | 2017-11-19 | 1 | -1/+3 |
| | |||||
* | Fix renew_certificates ejabberdctl command | Evgeniy Khramtsov | 2017-11-17 | 1 | -3/+3 |
| | | | | Thanks to Konstantinos Kallas | ||||
* | Don't forget to include intermediate ACME certificate | Evgeniy Khramtsov | 2017-11-17 | 1 | -3/+7 |
| | | | | Thanks to Konstantinos Kallas | ||||
* | Fix ACME options validation | Evgeniy Khramtsov | 2017-11-17 | 1 | -2/+2 |
| | |||||
* | Improve ACME options validation | Evgeniy Khramtsov | 2017-11-17 | 1 | -11/+12 |
| | |||||
* | Move ejabberdctl ACME commands to other location | Evgeniy Khramtsov | 2017-11-17 | 1 | -22/+73 |
| | |||||
* | Make ACME code working with ejabberd_pkix | Evgeniy Khramtsov | 2017-11-17 | 1 | -63/+67 |
| | |||||
* | Merge branch 'lets_encrypt_acme_support' of ↵ | Evgeniy Khramtsov | 2017-11-15 | 1 | -0/+3 |
| | | | | | | | | git://github.com/angelhof/ejabberd into angelhof-lets_encrypt_acme_support Conflicts: rebar.config src/ejabberd_pkix.erl | ||||
* | Explain what is needed for the acme configuration and other small changes | Konstantinos Kallas | 2017-11-14 | 1 | -32/+47 |
| | | | | | | | 1. Add a request handler in ejabberd_http and explain how to configure the http listener so that the challenges can be solved. 2. Make acme configuration optional by providing defaults in ejabberd_acme. 3. Save the CA that the account has been created in so that it creates a new account when connecting to a new CA. 4. Small spec change in acme configuration. | ||||
* | Solve Travis build xref problem | Konstantinos Kallas | 2017-09-06 | 1 | -5/+18 |
| | | | | | Travis build failed on xref because some functions that I used did not exist in OTP versions 17.5, 18.3 Those functions are: ets:take/2, lists:join/2, erlang:timestamp/0. | ||||
* | Remove some unused variable warnings, replace lists:join with string join | Konstantinos Kallas | 2017-08-25 | 1 | -7/+6 |
| | |||||
* | Show SANs in list_Certificates | Konstantinos Kallas | 2017-08-22 | 1 | -9/+37 |
| | |||||
* | Acquire certificates for all subdomains of a host and include them in SAN | Konstantinos Kallas | 2017-08-22 | 1 | -10/+42 |
| | |||||
* | Remove partial RSA key support | Konstantinos Kallas | 2017-08-22 | 1 | -20/+0 |
| | |||||
* | Add certfile when acquired | Konstantinos Kallas | 2017-08-22 | 1 | -0/+1 |
| | |||||
* | Remove some debugging INFO_MSGs | Konstantinos Kallas | 2017-08-19 | 1 | -3/+0 |
| | |||||
* | Delete a development acme module | Konstantinos Kallas | 2017-08-19 | 1 | -1/+1 |
| | |||||
* | Merge remove_account_option branch | Konstantinos Kallas | 2017-08-19 | 1 | -12/+16 |
|\ | |||||
| * | Remove the new account option from get certificate. There is no reason for ↵ | Konstantinos Kallas | 2017-08-11 | 1 | -13/+17 |
| | | | | | | | | having this | ||||
* | | Cleanup some comments: | Konstantinos Kallas | 2017-08-19 | 1 | -5/+0 |
| | | |||||
* | | Add acme certificates for all configured hosts in ejabberd_pkix | Konstantinos Kallas | 2017-08-19 | 1 | -0/+21 |
| | | |||||
* | | Add behaviour ejabberd_config in ejabberd_acme in order to validate the config | Konstantinos Kallas | 2017-08-19 | 1 | -4/+36 |
| | | |||||
* | | Change some specs | Konstantinos Kallas | 2017-08-12 | 1 | -8/+8 |
| | | |||||
* | | Add support to revoke a certificate by providing the pem | Konstantinos Kallas | 2017-08-12 | 1 | -12/+40 |
| | | | | | | | | This is important so that a user can revoke a certificate that is not acquired or logged from our acme client | ||||
* | | Move the ca_url to the config file | Konstantinos Kallas | 2017-08-12 | 1 | -10/+24 |
|/ | |||||
* | Format expired certificates differently in list_certificates | Konstantinos Kallas | 2017-08-11 | 1 | -10/+23 |
| | |||||
* | Renew certificate now renews all saved certificates that are close to expire | Konstantinos Kallas | 2017-08-10 | 1 | -32/+15 |
| | | | | Before this commit renew_certificate only checked the hosts in the config file and renewd the certificates for those. However the user can request certificates apart from the hosts in the config file so he should be able to also renew them. | ||||
* | Revoke Certificate: Jose Private Key | Konstantinos Kallas | 2017-08-10 | 1 | -6/+39 |
| | | | | Instead of signing the jose object with the account private key, it now signs the object using the certificate private key. This is useful in case the user wants to revoke a old certificate whose account key doesn't exist anymore. | ||||
* | Support getting certificates for domains not specified in the configuration file | Konstantinos Kallas | 2017-08-10 | 1 | -17/+35 |
| | |||||
* | Remove some debugging functions | Konstantinos Kallas | 2017-08-08 | 1 | -211/+1 |
| | |||||
* | Implement renew_certificate command | Konstantinos Kallas | 2017-08-08 | 1 | -41/+144 |
| | | | | This command renews the certificates for all domains that already have a certificate that has expired or is close to expiring. It is meant to be run automatically more often than the renewal process because if the certificates are valid nothing happens | ||||
* | Try catch when formatting certificates | Konstantinos Kallas | 2017-08-08 | 1 | -21/+40 |
| | |||||
* | Change certificate notAfter to 90 days | Konstantinos Kallas | 2017-08-08 | 1 | -5/+2 |
| | | | | As stated in Let's Encrypt FAQ: https://letsencrypt.org/docs/faq/ | ||||
* | Improve return format of get_certificates command | Konstantinos Kallas | 2017-08-02 | 1 | -4/+37 |
| | |||||
* | Implement verbose list_certificates option | Konstantinos Kallas | 2017-08-02 | 1 | -11/+20 |
| | |||||
* | Finish revoke_certificate and add specs | Konstantinos Kallas | 2017-07-29 | 1 | -140/+201 |
| | | | | | 1. Add a try catch in the final revoke_certificate function 2. Also delete the certificate from persistent memory when it is done revoked | ||||
* | Support certificate revocation | Konstantinos Kallas | 2017-07-27 | 1 | -4/+68 |
| | |||||
* | Encode strings using a library function and not my custom made | Konstantinos Kallas | 2017-07-25 | 1 | -16/+13 |
| | |||||
* | Add a try catch arounf list certificates | Konstantinos Kallas | 2017-07-23 | 1 | -0/+11 |
| | |||||
* | Pretty print list-certificates | Konstantinos Kallas | 2017-07-18 | 1 | -16/+51 |
| | |||||
* | Print validity in list-certificates | Konstantinos Kallas | 2017-07-17 | 1 | -3/+31 |
| | |||||
* | Add a stub for the list-certificates command | Konstantinos Kallas | 2017-07-17 | 1 | -0/+19 |
| | |||||
* | Remove httpdir from some function arguments as we now use the built in ↵ | Konstantinos Kallas | 2017-07-17 | 1 | -18/+18 |
| | | | | ejabberd http server for authorizations | ||||
* | Save acquired certificates in persistent storage | Konstantinos Kallas | 2017-07-17 | 1 | -9/+71 |
| | |||||
* | Change the persistent data structure from a record to a proplist | Konstantinos Kallas | 2017-07-17 | 1 | -8/+8 |
| | | | | | This is done so that possible future updates to the data structure don't break existing code. With this change it will be possible to update the data structure and keep the same old persistent data file, which will still have the expected list format but with more properties | ||||
* | Separate the persistent data structure functions | Konstantinos Kallas | 2017-07-17 | 1 | -17/+26 |
| | |||||
* | Make some persistent data wrapper functions | Konstantinos Kallas | 2017-07-17 | 1 | -12/+17 |
| | |||||
* | Solve acme challenges using built in http server | Konstantinos Kallas | 2017-07-12 | 1 | -7/+6 |
| | |||||
* | Changle acme file permissions | Konstantinos Kallas | 2017-07-11 | 1 | -15/+48 |
| | | | | Also changed some specs |