a094db794b
cli: Fix extended key usage flags for authority setup script
2016-03-29 19:43:50 +03:00
c644b065ef
Migrate authority setup from PyOpenSSL to cryptography.io
2016-03-29 19:29:06 +03:00
af60fd8047
cli: Fix authority setup script
2016-03-29 18:37:28 +03:00
476a312b4e
ui: Fix autosign subnets listing
2016-03-29 15:47:00 +03:00
09a67718ab
Expose certificate and CRL lifetime via session API call
2016-03-29 15:43:34 +03:00
d8f1e36ecf
Reduce default CRL lifetime to 20min
2016-03-29 15:17:44 +03:00
6de010a411
Make /api/revoked conform to RFC5280
2016-03-29 13:28:58 +03:00
1475828899
Fix CRL distriution points and add authority information access extensions
2016-03-29 12:29:15 +03:00
e721648328
Use common name instead of IP address as listening address for IPSec gateway
2016-03-29 12:28:10 +03:00
799b9e19c8
Use unicode literals for logging
2016-03-29 08:54:55 +03:00
acc0e29109
Add AKID and SKID
2016-03-29 08:47:43 +03:00
ff71ca42d7
Move GSSAPI credcache from authorization config section to accounts
2016-03-29 08:45:17 +03:00
22846327a0
Fix is_admin of PosixUserManager
2016-03-29 08:44:07 +03:00
de42d97b59
Add $ssl_client_s_dn_cn for nginx config template
2016-03-29 08:28:48 +03:00
f88a970e2a
Attempt to fix CA test
2016-03-28 00:18:41 +03:00
8ca809b546
Remove dependency on particular version of configparser
2016-03-28 00:07:39 +03:00
9afafea833
Add sudo for Travis' apt-get
2016-03-28 00:04:03 +03:00
3d32de8cad
Documentation fixes and attempt to fix Travis
2016-03-28 00:00:41 +03:00
925bc0ef9a
Refactor users, add OpenVPN and mailing support
...
* Add abstraction for user objects
* Mail authority admins about pending, revoked and signed certificates
* Add NetworkManager's OpenVPN plugin support
* Improve CRL support
* Refactor CSRF protection
* Update documentation
2016-03-27 23:38:14 +03:00
811e6dbb08
Complete overhaul
...
* Switch to Python 2.x due to lack of decent LDAP support in Python 3.x
* Add LDAP backend for authentication/authorization
* Add PAM backend for authentication
* Add getent backend for authorization
* Add preliminary CSRF protection
* Update icons
* Update push server documentation, use nchan from now on
* Add P12 bundle generation
* Add thin wrapper around Python's SQL connectors
* Enable mailing subsystem
* Add Kerberos TGT renewal cronjob
* Add HTTPS server setup commands for nginx
2016-03-21 23:42:39 +02:00
ffdab4d36d
Update strongSwan leftupdown script
2016-03-01 13:52:10 +02:00
d38a9a8103
Add preliminary PKCS#12 bundle generation
2016-03-01 11:01:53 +02:00
449dcea821
Add preliminary PAM authentication backend
2016-02-29 23:06:42 +02:00
4240d55fe4
Add preliminary Python 2.x support
2016-02-28 22:37:56 +02:00
5eed7cb6d9
ui: Add blue color for recently seen clients
2016-02-17 21:44:33 +02:00
489de4ec79
ui: Bundle template JavaScript
2016-02-17 16:16:00 +02:00
114e67ed6a
api: Use nchan headers for pushing events
2016-02-17 16:15:06 +02:00
b830ce7671
api: Fix exception includes
2016-01-25 11:19:08 +02:00
661e7608ef
ui: Precompile nunjucks templates
2016-01-25 11:18:19 +02:00
7cb9f04972
Add routes for NetworkManager only if they have been specified
2016-01-15 18:09:03 +02:00
6bfa1ccf9c
cli: Fix typo
2016-01-15 13:50:45 +02:00
589a31eb3d
Sanitize configuration file section names
2016-01-15 13:48:24 +02:00
704523626b
Rename spawn commands
2016-01-15 11:18:27 +02:00
f2df17bb88
Refactor signature request submission
...
Certidude client now reads configuration from
/etc/certidude/client.conf, submits CSR-s and
once signed configures services based on
/etc/certidude/services.conf
2016-01-15 00:47:30 +02:00
d8abde3d53
Refactor request submission
...
API now properly distinguishes duplicate request from other requests with same common name.
2016-01-14 11:02:57 +02:00
aacf94bb28
Fix encoding error in duplicate request check
2016-01-14 10:44:26 +02:00
21c436ec88
Merge branch 'master' of https://github.com/laurivosandi/certidude
...
Conflicts:
certidude/cli.py
2016-01-10 19:53:02 +02:00
de08ba759d
Release version 0.1.20
2016-01-10 19:51:54 +02:00
6a45592cd0
api: Fix CRL generation
2016-01-02 01:08:04 +02:00
0fb605ce27
api: Fix packaging
2016-01-02 01:06:30 +02:00
67c6a49dff
api: Use uwsgi provided socket for nginx
2016-01-02 01:05:48 +02:00
1b50b8a371
cli: Fix group ownership for authority setup
2015-12-24 13:58:24 +00:00
8864af6072
Merge branch 'master' of github.com:laurivosandi/certidude
2015-12-23 14:49:00 +00:00
7f48476173
doc: Cleaned up nginx configration bits
2015-12-23 14:48:31 +00:00
Lauri Võsandi
6977d7148e
cli: Send Accept header when requesting signed certificate
2015-12-23 16:10:00 +02:00
af4d50db17
ui: Added product serial tag
2015-12-23 11:46:27 +00:00
c59198887c
api: Fixed API call for querying leases
2015-12-18 12:49:37 +00:00
ece05a21e0
cli: Added closeaction=restart to ipsec.conf template
2015-12-16 21:55:49 +00:00
da6600e2e9
api: Added signed certificate tagging mechanism
2015-12-16 17:41:49 +00:00
901b0f7224
api: Fix lookup of user context variable
2015-12-13 18:27:09 +00:00
