Commit message (Collapse) | Author | Age | Files | |
---|---|---|---|---|
* | lacme: new option 'account --deactivate' | Guilhem Moulin | 2019-08-21 | 1 |
| | | | | For client-initiated account deactivation. See RFC 8555 sec. 7.3.6. | |||
* | Call iptables binaries from /usr/sbin not /sbin. | Guilhem Moulin | 2019-08-21 | 1 |
| | | | | | | | As of Buster this is the case, and the maintainer plans to drop compatibility symlinks once Bullseye is released. See /usr/share/doc/iptables/NEWS.Debian.gz . | |||
* | lacme, client: new dependency Date::Parse. | Guilhem Moulin | 2019-01-21 | 1 |
| | ||||
* | Use ACME v2 endpoints | Guilhem Moulin | 2018-04-27 | 1 |
| | | | | https://tools.ietf.org/html/draft-ietf-acme-acme-12 | |||
* | Update copyright infoupstream/0.3 | Guilhem Moulin | 2017-07-09 | 1 |
| | ||||
* | Bind webserver to /var/run/lacme-www.socket by default. | Guilhem Moulin | 2017-07-08 | 1 |
| | ||||
* | lacme: Specify minimum required Socket version 1.95. | Guilhem Moulin | 2017-07-01 | 1 |
| | ||||
* | Specify minimum required Perl versions. | Guilhem Moulin | 2017-07-01 | 1 |
| | ||||
* | Avoid hash slices. | Guilhem Moulin | 2017-07-01 | 1 |
| | | | | That's mostly what prevents us from supporting Perl older than 5.20. | |||
* | lacme(1), lacme-accountd(1): fix version number. | Guilhem Moulin | 2017-06-29 | 1 |
| | ||||
* | webserver: refuse to follow symlink when serving ACME challenge responses. | Guilhem Moulin | 2017-06-29 | 1 |
| | ||||
* | Change the default 'min-days' from 10 to 21. | Guilhem Moulin | 2017-06-28 | 1 |
| | | | | | | This avoids expiration notices from Let's Encrypt when auto-renewal is done by a cronjob: Let's Encrypt sends a notice 19 (then 9) days before expiration. | |||
* | new-cert: use File::Temp for the temporary cert filename. | Guilhem Moulin | 2017-06-28 | 1 |
| | | | | This ensures we aren't overwritting existing /path/to/srv.pem.new files. | |||
* | webserver: allow listening to multiple addresses. | Guilhem Moulin | 2017-06-28 | 1 |
| | | | | | | | | | | (Useful when dual-stack IPv4/IPv6 is not supported.) Also, change the default to listen to a UNIX-domain socket </var/run/lacme.socket>. Moreover temporary iptables rules are no longer installed. Hosts without a public HTTP daemon listening on port 80 need to set the 'listen' option to [::] and/or 0.0.0.0, and possibly set the 'iptables' option to Yes. | |||
* | new-cert: create certificate files atomically. | Guilhem Moulin | 2017-02-24 | 1 |
| | ||||
* | new-cert: mark basicConstraints and keyUsage x509v3 extensions as critical ↵ | Guilhem Moulin | 2017-02-22 | 1 |
| | | | | | | | in the CSR. Boulder's issue #565 "Golang errors on extensions marked critical" was fixed upstream, cf. https://github.com/letsencrypt/boulder/issues/565 . | |||
* | new-cert: new CLI option "min-days" | Guilhem Moulin | 2017-02-19 | 1 |
| | ||||
* | new-cert: sort section names if not passed explicitely. | Guilhem Moulin | 2017-02-19 | 1 |
| | ||||
* | Ensure lacme's config file descriptor has the FD_CLOEXEC bit set. | Guilhem Moulin | 2017-02-19 | 1 |
| | ||||
* | config-cert: import the default section of files already read. | Guilhem Moulin | 2017-02-19 | 1 |
| | ||||
* | wibble | Guilhem Moulin | 2017-02-19 | 1 |
| | ||||
* | s/lacme-certs.d/lacme-certs.conf.d/upstream/0.2 | Guilhem Moulin | 2016-12-05 | 1 |
| | ||||
* | "config-certs" now points to a list of files or directories. | Guilhem Moulin | 2016-12-05 | 1 |
| | ||||
* | s/fd-conn/conn-fd/ | Guilhem Moulin | 2016-12-05 | 1 |
| | ||||
* | s/--fdopen/--fd-conn/ | Guilhem Moulin | 2016-12-03 | 1 |
| | ||||
* | lacme: terminate the accountd when the ACME client terminates. | Guilhem Moulin | 2016-12-01 | 1 |
| | ||||
* | Revert "lacme: avoid spawning multiple accountd processes." | Guilhem Moulin | 2016-12-01 | 1 |
| | | | | | | This reverts commit 8faab5db6571972156f45b5838b23dbb0fadd5c4. We can't reuse the socket pair as we don't connect(2) to it. | |||
* | lacme: avoid spawning multiple accountd processes. | Guilhem Moulin | 2016-12-01 | 1 |
| | ||||
* | lacme: add an option --quiet to avoid mentioning valid certs. | Guilhem Moulin | 2016-12-01 | 1 |
| | ||||
* | Make lacme able to spawn lacme-accountd. | Guilhem Moulin | 2016-12-01 | 1 |
| | ||||
* | Stop mentioning GET-based renewal, as it was removed from the ACME IETF draft. | Guilhem Moulin | 2016-11-30 | 1 |
| | | | | | https://github.com/ietf-wg-acme/acme/issues/62 https://github.com/ietf-wg-acme/acme/pull/67 :-( | |||
* | Add link to Boulder issue #359 (Implement Certificate Refresh). | Guilhem Moulin | 2016-06-30 | 1 |
| | ||||
* | Add the short description in headers and manpages. | Guilhem Moulin | 2016-06-14 | 1 |
| | ||||
* | Rename ‘letsencrypt-tiny’ to ‘lacme’. | Guilhem Moulin | 2016-06-13 | 1 |