Daniel Berteaud
b92cac74ca
Spec file update
2017-03-15 10:31:50 +01:00
Daniel Berteaud
d3f400a56b
Set default URI to prod
2017-03-15 09:52:54 +01:00
Daniel Berteaud
6e3b96982c
Spec file update
2016-11-23 09:19:03 +01:00
Daniel Berteaud
6ef45f251a
Send the 1 command to imap and not imaps to update imapd.pem on SME 8
2016-11-23 09:05:41 +01:00
Daniel Berteaud
d8047b0ce1
Spec file update
2016-10-24 15:51:58 +02:00
Daniel Berteaud
c8a056ab56
Rename cron template metadata
2016-10-24 12:20:14 +02:00
Daniel Berteaud
a611e3fa84
Spec file update
2016-09-15 18:42:04 +02:00
Daniel Berteaud
ad07400004
Update hook wrapper path
2016-09-15 12:40:29 +02:00
Daniel Berteaud
d6a984d862
Update well-known directory
2016-09-15 12:35:29 +02:00
Daniel Berteaud
b9105310d9
Fix migrating cert path
2016-09-15 12:35:03 +02:00
Daniel Berteaud
ded0c3eb5e
Adapt for the rename to dehydrated
2016-09-15 11:37:57 +02:00
Daniel Berteaud
fe296869b3
Spec file update
2016-06-27 17:40:03 +02:00
Daniel Berteaud
789d868e89
Fix deploy hook on sme8
...
There was two problems: the manual expand-template for the pem file was wrong, and the smeserver-letsencrypt-client rpm provided the /etc/e-smith/event/ssl-update event. So the test for it not existing was always false. But this event did nothing except expand a single config template, no ssl cert was being updated
2016-06-27 17:37:36 +02:00
Daniel Berteaud
71628a7621
Spec file update
2016-06-24 12:34:37 +02:00
Daniel Berteaud
39d2e30398
Fix cron syntax for random sleep command
2016-06-24 12:30:33 +02:00
Daniel Berteaud
d92beb01b1
Spec file update
2016-06-06 19:33:19 +02:00
Daniel Berteaud
73a2dbcaf8
Always add letsencrypt alias
...
so if a domain has letsencrypt support disabled, but has at least one hostname attached to this domain with letsencrypt enabled, it can validate its challenge
2016-06-06 19:19:58 +02:00
Daniel Berteaud
2417beb270
Don't force Letsencrypt support on primary domain
2016-06-06 18:57:03 +02:00
Daniel Berteaud
8a58ddb102
Add a wrapper script for letsencrypt.sh
...
This wrapper support a new ProxyPassACMEChallengesDisableOnRenew prop which allows disabling ACME challenge proxypass only during the renewal
2016-06-06 18:44:50 +02:00
Daniel Berteaud
dc0f2ff539
Spec file update
2016-05-31 17:05:26 +02:00
Daniel Berteaud
e646cd1705
Set DOMAINS_TXT in config
2016-05-31 15:42:50 +02:00
Daniel Berteaud
a9387cd1bd
Rename config.sh to config
2016-05-31 15:40:48 +02:00
Daniel Berteaud
dbc8bcd902
Define %clean before %files
...
So the epel macro are not used
2016-04-11 16:38:43 +02:00
Daniel Berteaud
8604070614
Spec file update
2016-04-11 16:28:02 +02:00
Daniel Berteaud
d772e84feb
Use chain.pem instead of fullchain.pem
...
As some older OpenSSL (like the one in Debian 7) don't like the final cert being in the intermediate chain
2016-04-11 16:26:41 +02:00
Daniel Berteaud
5959177ccb
Spec file update
2016-01-31 11:38:24 +01:00
Daniel Berteaud
5467cea2c2
Fix cron template
2016-01-31 11:31:36 +01:00
Daniel Berteaud
38e228cb49
Typo in templates name
2016-01-31 11:23:45 +01:00
Daniel Berteaud
ddb4abb9d4
Turn RevokeOldCertificates on by default
2016-01-31 11:16:44 +01:00
Daniel Berteaud
708789e893
Expand cron.daily/letsencrypt instead of crontab
2016-01-31 11:14:57 +01:00
Daniel Berteaud
a95bccf47f
Make Renewal configurable
2016-01-31 10:51:28 +01:00
Daniel Berteaud
bae49f049e
Revoke old certs in a separated script
...
We cannot call letsencrypt.sh from a hook script, as there's a lock file
2016-01-31 10:48:57 +01:00
Daniel Berteaud
0540516807
Spec file update
2016-01-29 18:09:49 +01:00
Daniel Berteaud
bae34ca9f1
Better AltName selection and deduplication
2016-01-29 16:46:31 +01:00
Daniel Berteaud
4fb5dd3018
Rename le-update to letsencrypt-update
2016-01-29 15:45:52 +01:00
Daniel Berteaud
752f3d3a41
Add a Uri prop to choose between production or staging CA
...
And default to staging
2016-01-29 09:36:37 +01:00
Daniel Berteaud
b088baa65d
String must be quoted
2016-01-25 18:57:33 +01:00
Daniel Berteaud
6651e5dcc6
Cron syntax was wrong
2016-01-25 17:59:06 +01:00
Daniel Berteaud
9163bbd3c3
Send stdout and stderr in logs, but print stderr also
...
So a failed cron job will be emailed to the admin
2016-01-25 16:17:13 +01:00
Daniel Berteaud
233c6e4945
Add some sanity check to args passed to hook handler
2016-01-25 16:11:24 +01:00
Daniel Berteaud
eedcb47c0b
Call le_hooks.sh
2016-01-25 16:01:07 +01:00
Daniel Berteaud
3a24f881ba
Adapt hook scripts
2016-01-25 15:20:04 +01:00
Daniel Berteaud
c926162fc3
Rename hook script
...
SO it's easier to order with others
2016-01-25 15:14:52 +01:00
Daniel Berteaud
fa5b40587b
Move hook script to /etc/letsencrypt.sh/hooks_deploy_cert.d
...
And also make it working on older SME (without ssl-update event)
2016-01-25 15:13:46 +01:00
Daniel Berteaud
692a33a1f1
Spec file update
2016-01-25 11:10:57 +01:00
Daniel Berteaud
88a7d5fda0
Possibility to explicitely disable Self hosts
2016-01-24 21:12:34 +01:00
Daniel Berteaud
ebdeabf799
Log cron jobs
2016-01-24 19:04:32 +01:00
Daniel Berteaud
89ec028659
Don't exec letsencrypt.sh in le-update
2016-01-24 18:14:08 +01:00
Daniel Berteaud
7a46806df6
No need to specify hook on cmd line
2016-01-24 17:57:36 +01:00
Daniel Berteaud
88890c22fd
Change challenge directory
2016-01-24 17:35:01 +01:00