summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-11-30etc/ca-ssl.conf: sha1 -> sha256v0.4Erich Eckner
2020-03-12neue Version: 0.3.3v0.3.3Erich Eckner
2020-03-12sign-request: force connection to ip of ssh clientErich Eckner
2020-03-12neue Version: 0.3.2v0.3.2Erich Eckner
2020-03-12sign-request: check *all* addresses of a given san - one working address is ↵Erich Eckner
sufficient
2020-02-13etc/ca-ssl.conf: updated according to email on openssl-users@openssl.orgErich Eckner
2020-01-14neue Version: 0.3.1v0.3.1Erich Eckner
2020-01-14rotate-keys: fix typo in variable nameErich Eckner
2020-01-14neue Version: 0.3v0.3Erich Eckner
2020-01-14rotate-keys: fix date-logic for now-uncached keysErich Eckner
2020-01-14set proper name for casErich Eckner
2020-01-14rotate-keys: use new server keys immediatelyErich Eckner
2020-01-13neue Version: 0.2.6v0.2.6Erich Eckner
2020-01-13etc/ca-ssl.conf: different names for root and intermediate caErich Eckner
2019-12-12Makefile: install as root if http is unavailablev0.2.5Erich Eckner
2019-12-12sign-ca.in: mostly revert 96826744, it was right(er) beforeErich Eckner
2019-12-09neue Version: 0.2.4v0.2.4Erich Eckner
2019-12-09sign-ca.in: keep serialErich Eckner
2019-12-09sign-ca.in: bugfixErich Eckner
2019-12-09neue Version: 0.2.3v0.2.3Erich Eckner
2019-12-09sign-ca.in: copy *correct* old certificate to serverErich Eckner
2019-12-09neue Version: 0.2.2v0.2.2Erich Eckner
2019-12-09sign-request.in: use the old ca for some time (the new ca may need some time ↵Erich Eckner
to circulate to clients)
2019-12-09sign-ca.in: old root-ca and old signing-ca should get .old suffix behind ↵Erich Eckner
"ca" to be still operable
2019-12-09ca_min_duration -> ca_keep_durationErich Eckner
2019-12-09neue Version: 0.2.1v0.2.1Erich Eckner
2019-12-09*.timer: run once a day, not once a quarter yearErich Eckner
2019-12-06neue Version: 0.2v0.2Erich Eckner
2019-12-06new sign-ca and/or root-ca means, we need to exchange the directory with the ↵Erich Eckner
issued certificates, too - this means, we should handle creation of those in sign-ca, not in the Makefile
2019-10-10neue Version: 0.1v0.1Erich Eckner
2019-09-26rotate-keys.timer: fix typoErich Eckner
2019-09-23neue Version: 0.0.6v0.0.6Erich Eckner
2019-09-23rotate-keys: small cleanupErich Eckner
2019-09-23rotate-keys: abort if tmp_dir cannot be createdErich Eckner
2019-09-09neue Version: 0.0.5v0.0.5Erich Eckner
2019-09-09rotate-keys: only complain if EXIT trap is setErich Eckner
2019-09-05sign for 60 daysErich Eckner
2019-09-03neue Version: 0.0.4v0.0.4Erich Eckner
2019-09-03sign-request.in: check SANs via http if csr was not retrieved via httpsErich Eckner
2019-09-03sign-request: connection-timeout 10 for curlErich Eckner
2019-09-03rotate-keys: use http if encryption keys were not yet available (assume ↵Erich Eckner
nginx.conf reflects state of keys)
2019-09-03neue Version: 0.0.3v0.0.3Erich Eckner
2019-09-03sign-request: more verbose error messageErich Eckner
2019-09-03rotate-keys.timer: fix OnCalendar settingErich Eckner
2019-09-02rotate-keys: do not use "exec su ..." it gets rid of our trapsErich Eckner
2019-09-02neue Version: 0.0.2v0.0.2Erich Eckner
2019-09-02sign-request: still requires remove_leading_spaces()Erich Eckner
2019-09-02rotate-keys: should look for *.chain, tooErich Eckner
2019-09-02Makefile: chmod +x sign-request, tooErich Eckner
2019-09-02rotate-keys: fiy typoErich Eckner