Girish Ramakrishnan
9cd025972c
Try acme flow 3 times
2019-10-03 14:47:18 -07:00
Girish Ramakrishnan
21111eccc4
retry downloadCertificate
2019-10-03 14:37:12 -07:00
Girish Ramakrishnan
917079f341
Add error message to network error
2019-10-03 14:33:49 -07:00
Girish Ramakrishnan
7e75ef7685
cert: add more debugs
2019-10-03 10:36:57 -07:00
Girish Ramakrishnan
d9723b72e4
Replace Acme2Error with BoxError
2019-09-25 14:13:10 -07:00
Girish Ramakrishnan
81b721be2b
Fix buffer warnings
2019-03-21 20:06:14 -07:00
Girish Ramakrishnan
ff359c477f
acme: Wait for 5mins
...
often, let's encrypt is failing to get the new DNS. not sure why
2019-01-21 10:45:43 -08:00
Girish Ramakrishnan
4142d7a050
Fix error handling of all the execSync usage
2018-11-23 13:11:15 -08:00
Girish Ramakrishnan
a0306c69e1
remove unused acme1.js
...
it got merged to acme2.js
2018-11-23 13:11:15 -08:00
Girish Ramakrishnan
c09aa2a498
Make LE work with hyphenated domains
2018-11-01 19:08:05 -07:00
Girish Ramakrishnan
8dd3c55ecf
Use async unlink
2018-09-28 17:05:53 -07:00
Girish Ramakrishnan
1ee902a541
typoe
2018-09-28 17:01:56 -07:00
Girish Ramakrishnan
5a8a4e7907
acme2: Display any errors when cleaning up challenge
2018-09-28 14:33:08 -07:00
Girish Ramakrishnan
3b5be641f0
acme2: fix challenge subdomain calculation in cleanup
2018-09-28 13:24:34 -07:00
Girish Ramakrishnan
a34fe120fb
TXT values must be quoted
2018-09-27 20:17:39 -07:00
Girish Ramakrishnan
e69004548b
waitForDnsRecord: use subdomain as argument
...
this allows to hyphenate the subdomain correctly in all places
the original issue was that altDomain in caas was not working
because waitForDnsRecord was not hyphenating.
2018-09-22 11:26:33 -07:00
Girish Ramakrishnan
ed14115ff1
Fix new account return value
...
https://tools.ietf.org/html/draft-ietf-acme-acme-07#section-7.3
2018-09-17 15:30:16 -07:00
Girish Ramakrishnan
6d9c6ffba3
acme2: register new account returns 201
2018-09-17 15:19:19 -07:00
Girish Ramakrishnan
6ba574432a
calculate subdomain correctly for non-wildcard domains
2018-09-12 15:55:20 -07:00
Girish Ramakrishnan
96075c7c20
Fix double callback
2018-09-12 14:43:15 -07:00
Girish Ramakrishnan
64665542bc
select app's cert based on domain's wildcard flag
...
this also removes the confusing type field in the bundle. we instead
check the current nginx config to see what cert is in use.
2018-09-12 14:22:54 -07:00
Girish Ramakrishnan
c138c4bb5f
acme2: implement wildcard certs
2018-09-11 23:15:50 -07:00
Girish Ramakrishnan
35f69cfea9
acme2: wait for dns
2018-09-11 19:41:41 -07:00
Girish Ramakrishnan
d0dde04695
acme2: dns authorization
2018-09-10 21:46:53 -07:00
Girish Ramakrishnan
2f38a4018c
pass domain arg to getCertificate API
2018-09-10 20:48:47 -07:00
Girish Ramakrishnan
f38b87c660
lint
2018-09-10 20:30:38 -07:00
Girish Ramakrishnan
9bac2acc37
Fix callback use
2018-09-10 17:39:13 -07:00
Girish Ramakrishnan
68536b6d7d
acme2 implementation
2018-09-10 16:26:24 -07:00
Girish Ramakrishnan
017460b497
acme -> acme1
2018-09-10 10:57:48 -07:00
Girish Ramakrishnan
8e500e0243
caas: make the cert provider use domain fallback certs
2018-01-30 14:18:34 -08:00
Johannes Zellner
07626dacb5
Ensure certificates needs to be multidomain aware
2017-11-20 20:01:50 +01:00
Girish Ramakrishnan
48a52fae2e
LE agreement URL has changed
2017-11-17 10:35:58 -08:00
Girish Ramakrishnan
504662b466
acme: link url is absolute in le-staging
...
Part of #217
2017-02-15 10:40:05 -08:00
Johannes Zellner
456cb22ac0
this and that typo
2016-12-30 11:32:56 +01:00
Girish Ramakrishnan
bc75d07391
Remove ursa dependancy
...
ursa uses native code and doing a npm rebuild often runs out of
memory in low memory cloudrons
2016-12-30 00:13:35 -08:00
Johannes Zellner
b1be65d9ce
Add fallback certificate backend
2016-12-05 17:01:23 +01:00
Johannes Zellner
eacc4412ba
We don't use tabs but 4 spaces
2016-12-05 16:07:06 +01:00
Girish Ramakrishnan
bafc35f99e
Revert "Use in-place replacement ursa-purejs for native ursa"
...
This reverts commit 8e033dc387
2016-10-13 21:41:04 -07:00
Johannes Zellner
8e033dc387
Use in-place replacement ursa-purejs for native ursa
...
The native modules often cause headaches with rebuilds
2016-10-13 11:23:57 +02:00
Girish Ramakrishnan
c12ee50b3b
dump the body for debugging
2016-10-11 19:29:23 -07:00
Girish Ramakrishnan
9b83a4d776
add certificate interface file
2016-10-07 14:09:20 -07:00
Girish Ramakrishnan
c1bb264065
Set a timeout for superagent
...
The default is 'no timeout' and it will wait for the response forever.
https://github.com/visionmedia/superagent/issues/17#issuecomment-207742985
2016-09-12 13:06:18 -07:00
Girish Ramakrishnan
451c770b5c
ACME agreement url has changed
2016-08-02 10:40:17 -07:00
Girish Ramakrishnan
8cfbf92adc
fix acme prod setting detection
2016-06-22 15:55:53 -05:00
Girish Ramakrishnan
9e8179a235
up link is relative
2016-03-29 14:02:53 -07:00
Girish Ramakrishnan
2c4cf0a505
Download intermediate cert following the 'up' Link
2016-03-29 12:51:05 -07:00
Girish Ramakrishnan
75ed9c4a63
Check for key file instead of csr file
...
1) csr file in older backups got corrupt
2) new key results in a new cert request in LE (for rate limits)
2016-03-19 18:49:55 -07:00
Girish Ramakrishnan
14ef71002f
write the DER cert properly into the csr file
2016-03-19 14:07:58 -07:00
Girish Ramakrishnan
017c32c3dd
fix certificate renewal
...
Do the whole acme flow for certificate renewal. the idea here is
simply reuse the key and the csr. In this case, it does not count
as a new certificate issuance.
https://github.com/diafygi/letsencrypt-nosudo/issues/55
2016-03-19 02:44:05 -07:00
girish@cloudron.io
7f2b3eb835
acme: disable renewal via url fetch for now
...
this does not seem to work.
From cf85854177
2016-03-14 22:22:57 -07:00
