3d1e6768bb
cli: Self-enroll again only if cert is about to expire
2018-01-03 22:17:35 +00:00
e594371ee3
api: Update last seen status for VPN gateway during client update
2018-01-03 22:17:35 +00:00
40d84918eb
doc: Update Certidude screenshot
2017-12-31 23:55:14 +02:00
15f3e19da7
cli: Atomic write of /etc/systemd/system/openvpn-reconnect.service
2017-12-30 18:56:12 +00:00
150e3234b9
travis: Make sure /etc/hosts gets reset
2017-12-30 20:38:35 +02:00
d236af6b01
travis: Even less Travis magic
2017-12-30 20:34:43 +02:00
6fb7cbbcc7
travis: Set FQDN in advance
2017-12-30 20:28:48 +02:00
79ae57dc04
travis: Attempt to avoid Travis' Python magic
2017-12-30 20:19:24 +02:00
fccabddab5
travis: Preserve environment for sudo
2017-12-30 20:09:58 +02:00
b879b17324
travis: Attempt to use pip from Travis virtualenv
2017-12-30 17:25:29 +02:00
3ecba8e550
travis: Add system dependencies
2017-12-30 17:22:01 +02:00
59bedc1f16
Major refactor
...
* Migrate to Python 3
* Update token generator mechanism
* Switch to Bootstrap 4
* Switch from Iconmonstr to Font Awesome icons
* Rename default CA common name to "Certidude at ca.example.lan"
* Add self-enroll for the TLS server certificates
* TLS client auth for lease updating
* Compile assets from npm packages to /var/lib/certidude/ca.example.lan/assets
2017-12-30 14:00:19 +00:00
d32ec224d7
Install cryptography.io just for unittests
2017-08-16 21:08:20 +00:00
c45a5df773
Remove unused setproctitle import
2017-08-16 23:30:42 +03:00
9745367ebd
Add csrbuilder as dependency
2017-08-16 23:26:42 +03:00
509f7bfaa8
Migrate from cryptography.io to oscrypto
2017-08-16 20:25:16 +00:00
789d80d712
api: Save enrollment IP address
2017-08-10 00:45:43 +03:00
783bba3474
Add OpenWrt/LEDE integration guide
2017-08-09 16:18:32 +03:00
f7d8e95aa8
tests: Fix /api/revoked check
2017-07-29 21:27:15 +00:00
bce906db36
Migrate authority setup to certbuilder
2017-07-29 20:55:46 +00:00
f069688a9a
Add basic DoS prevention measures
2017-07-29 23:19:37 +03:00
dc67e46010
Add OpenWrt/LEDE integration script
2017-07-13 17:36:52 +03:00
03b9778170
Better starttup/shutdown notification
2017-07-11 18:57:19 +00:00
d44b6035c2
Embed OCSP responder URL in certificate
2017-07-08 12:08:39 +00:00
47d2d37684
Add missing import for setxattr
2017-07-08 12:08:23 +00:00
9008744c48
api: Make logger use unicode literals
2017-07-08 08:56:01 +00:00
1f1ca2c211
cli: Drop package management provided cryptography.io and falcon
2017-07-08 08:55:43 +00:00
486a5d3459
tests: Lazier import for xattr
2017-07-08 08:51:00 +00:00
a48331a9cb
tests: Add test for machine attribute updates
2017-07-07 21:07:25 +00:00
39363a57c7
tests: More coverage
2017-07-06 09:29:02 +00:00
34c72aaa9e
tests: Fixes and better code coverage
2017-07-06 08:15:44 +00:00
e25c774fa3
Bugfixes and test for SCEP
2017-07-05 21:22:02 +00:00
9b5511212e
Several changes
...
* OCSP workaround for StrongSwan
* Machine attributes framework
* Scripting support
* Default to nginx frontend
2017-07-05 18:22:03 +03:00
d08a3f9f92
cli: Fix certidude request
dependency handling
2017-06-04 14:48:28 +00:00
ecb1d9b3f3
Better fallback for FQDN detection
2017-06-04 14:33:47 +00:00
0a98b3f82e
Add tests for OCSP, several bugfixes
2017-06-04 14:19:29 +00:00
61aa54695e
cli: Migrate client side to oscrypto
2017-05-27 21:17:21 +03:00
5d48abe973
api: Preliminary OCSP support
2017-05-25 22:20:45 +03:00
5ae872e1ea
api: Add preliminary SCEP support
2017-05-18 22:29:49 +03:00
a5ad9238a1
cli: Lazier import for pwd
2017-05-12 20:52:25 +00:00
f4901593e1
cli: Use variable name authority instead of server
2017-05-12 20:52:06 +00:00
eecfbee384
tests: Fix signer shutdown and add tests for event source
2017-05-09 09:48:24 +00:00
b77a427949
api: Submit inner and outer IP address when updating lease
2017-05-08 20:33:20 +00:00
dfb90689db
tests: Disable LDAP auth check for now
2017-05-08 16:49:45 +00:00
09f5b11505
tests: Add tests for machine keytab auth
2017-05-08 16:25:59 +00:00
e27b3ff9d1
tests: Never verify TLS certfs for LDAP
2017-05-08 10:27:27 +00:00
17c4e157e7
tests: Attempt to build for trusty and xenial both
2017-05-08 10:27:02 +00:00
4e41655532
api: Better error message when confronted with NTLM
2017-05-08 10:26:11 +00:00
545febf3d0
tests: Cover LDAP auth and more
2017-05-07 22:14:58 +00:00
a4a31ca2c6
Mailer always enabled
2017-05-07 20:49:58 +00:00