Commit Graph

165 Commits

Author SHA1 Message Date
neil
1add47a6b6 support ECC key, ECDSA certificate 2016-02-12 17:56:50 +08:00
neil
0f71a9fe96 Use openssl dgst -sha256 instead of openssl sha 2016-02-12 08:54:28 +08:00
Thomas
2c06a14d19 renew() should return the function result code of issue()
currently the renew function does always return 0 even when the cert issuing failed. for now just return the function return code of issue(). 

maybe an additional offset (like +100) should be added to distinguish the issue error codes from the renew error codes.
2016-02-11 22:45:21 +01:00
neil
0809486529 support cloudxns.com api 2016-02-07 18:26:12 +08:00
neil
ce56c1bbfc generate default sample account.conf for the first time install 2016-02-06 23:23:00 +08:00
neil
b47723adbb minor, renewAll skip 'dnsapi' folder. 2016-02-06 23:06:05 +08:00
neil
7e3cbb4661 fix issue, decode the error message. 2016-02-06 13:32:46 +08:00
neil
94917d1e0b load account.conf at a earlier time, so that "STAGE" macro can be placed in the conf file. 2016-02-02 13:05:54 +08:00
Neil
55ce170842 remove unnecessary error message if the folder is not a domain
remove unnecessary error message if the folder is not a domain.
The error message output made the cron send mail.
2016-02-01 09:39:58 +08:00
neil
b4e2604c82 info: Close and reopen your terminal to start using le 2016-01-31 17:53:19 +08:00
neil
bf3135ef84 add alias after install 2016-01-31 17:43:32 +08:00
neil
4ac8d68d06 uninstall alias 2016-01-31 17:38:44 +08:00
neil
525997ee04 do not write /usr/loca/bin/ anymore. install to home. 2016-01-31 17:15:02 +08:00
neil
b25d22b05a keep compatible 2016-01-31 16:38:52 +08:00
neil
e9209938cb support account config file to save dns api key 2016-01-31 16:30:01 +08:00
neil
a28b3a653c install dnsapi 2016-01-30 22:51:36 +08:00
neil
0ed4c9391e sleep to wait dns record to take effect. 2016-01-30 22:47:22 +08:00
neil
611f687739 dnsapi folder 2016-01-30 21:14:41 +08:00
neil
b4a156da60 install dnsapi 2016-01-30 21:08:43 +08:00
neil
175c9decd7 init dnsapi 2016-01-30 21:00:36 +08:00
neil
bb2294e761 fix issue: do not re-generate domain key when call renew command 2016-01-30 10:39:02 +08:00
neil
137f5f8b78 minor,add info message. 2016-01-30 10:24:41 +08:00
raunsbaekdk
d4d645908f Updated DNS description
Making it clearer that you are supposed to create the TXT record under the _acme-challenge subdomain
2016-01-29 23:35:34 +01:00
neil
b3a2aac829 minor
#check if there is sudo installed, AND if the current user is a sudoer.
2016-01-27 13:15:12 +08:00
neil
f0252b91c9 Merge branch 'master' of https://github.com/Neilpang/le 2016-01-27 10:33:11 +08:00
neil
0a94c61973 remove dependency to "sha256sum" and "base64" 2016-01-26 21:04:24 +08:00
neil
b3d9713269 Merge branch 'master' of https://github.com/Neilpang/le 2016-01-26 14:22:27 +08:00
neil
0fda2a1dfb minor, polish install message 2016-01-26 14:22:12 +08:00
neil
a179e5fc97 h2b: my own hex to bin. remove dependency to xxd tool 2016-01-26 00:00:09 +08:00
neil
de8090f57e minor fix error message. 2016-01-24 21:28:44 +08:00
neil
5de1611628 minor fix output message. 2016-01-24 21:16:09 +08:00
neil
8ad71801eb minor, uninstall le.sh in the workingdir. 2016-01-24 16:15:53 +08:00
neil
a6f744edb1 use nmap Ncat for centOS 2016-01-24 10:40:08 +08:00
neil
18629d0fdd minor, use WORKING_DIR/le.sh to run cronjob. removes the dependency to "which" command. 2016-01-24 10:28:53 +08:00
neil
17c100d6ff minor, remove unnecessary error message. 2016-01-24 10:03:35 +08:00
neil
34d91b9f97 support fullchain. If the real cert path equals to the ca cert path, we will append the ca cert to the domain cert, which makes it a fullchain. 2016-01-23 23:23:44 +08:00
neil
c24e86a697 hide un-recommended parms from 'issue' command. It's recommended to set "cert-file-path" etc via 'installcert' command. 2016-01-23 22:52:43 +08:00
neil
ab5ec2a2d2 fix bug: Le_RealCertPath was missing from installcert command 2016-01-23 22:29:06 +08:00
Samuel Tardieu
2276a9ec97 remove extra space leading to an error
The line was parsed as: execute command "" with removelevel being
cleared.
2016-01-23 12:03:47 +01:00
neil
649fc386d1 minor: fix install message. 2016-01-23 14:51:45 +08:00
neil
9a66cdb6a0 make le more friendly to no-root user.
1. separate installcronjob/uninstallcronjob. no-root users can use cron job without installing le.sh
2. add cron command for cron only.
3. polish help messages.
4. move le from /bin/le  to /usr/local/bin/le
5. only root can install to /usr/local/bin/le.  non-root users can use ether /usr/local/bin/le  or ~/.le/le.sh instead
6. WORKING_DIR can be specified when install/cronjob
2016-01-23 14:41:10 +08:00
neil
ebcf30d02f remove ".well-known" folder after verification 2016-01-23 10:49:38 +08:00
neil
f074cb1036 fix bug for webroot mode. The token was missing. 2016-01-23 09:59:18 +08:00
neil
79c2453a2c separate "installcert" from "issue" command. 2016-01-23 09:38:08 +08:00
neil
e9840e6146 Support DNS-01 manually. Automatic api support is on its way. 2016-01-22 00:03:03 +08:00
Neil
ef4ee47f11 Merge pull request #28 from lucasRolff/add_chown
Chown directories to parent
2016-01-21 11:34:17 +08:00
Lucas Rolff
edcbe247cf Also changing group of .well-known directory 2016-01-20 19:05:46 +01:00
tombii
5248c51770 Update le.sh
If we regenerate the key by using FORCE=1 then we also need to regenerate the CSR, otherwise the key will not match the certificate.
2016-01-20 15:57:57 +08:00
Lucas Rolff
4b70d69029 Chown directories to parent
- You might configure web-servers to not allow reading files owned by root (or user you execute as), modified script to try chowning the .well-known recursively
- If you do not have chown rights it will work anyway
2016-01-17 12:46:24 +01:00
neil
2bd7774b8f remove unnecessary kill 2016-01-14 23:21:11 +08:00
neil
6586a86902 nc exit automatically, not use kill anymore. 2016-01-14 23:19:31 +08:00
neil
9877d46620 make the nc exit automatically, don't use kill anymore. 2016-01-14 23:16:53 +08:00
neil
282eae22a2 change default renewall days to 80 days. 2016-01-14 23:04:07 +08:00
neil
5f68af17d2 load domain.conf only when renewal. 2016-01-14 22:46:50 +08:00
Samuel Tardieu
ff88fa31d6 fix typo in output string 2016-01-13 13:24:49 +01:00
neil
93900a7a48 compatible with Proxmox, use cp instead of ln to update certs 2016-01-13 13:06:55 +08:00
Neil
7bc5e3bb5c avoid unnecessary kill & fix reload command 2016-01-13 11:54:00 +08:00
neil
30dbdbbde9 fix issue for apache 2016-01-11 21:50:03 +08:00
neil
1d9dcdd5b2 fix bug. Renewall 2016-01-11 21:29:12 +08:00
neil
889dbbc092 minor, set paths via env vars 2016-01-11 21:12:21 +08:00
neil
4b853d3c1e minor support to specify API 2016-01-11 20:39:25 +08:00
Neil
ad5d2a685d fix Apache 2.4 compatibility 2016-01-11 13:18:26 +08:00
neil
5b11958279 minor show version 2016-01-10 21:06:38 +08:00
neil
5a148a02d7 fix apache mode for SAN certificate 2016-01-10 21:02:39 +08:00
Neil
e03fae0099 minor 2016-01-10 20:49:58 +08:00
Neil
22f86e39db first version number 1.0.1 2016-01-10 20:47:13 +08:00
Neil
a0a2fe3ada clearup on success 2016-01-10 13:11:02 +08:00
neil
4c1e558413 minor 2016-01-10 10:49:12 +08:00
neil
ed68afac39 fix 2016-01-10 10:31:09 +08:00
neil
b7b8311c3d minor 2016-01-09 23:36:25 +08:00
neil
9a76ef2f32 apache plugin 2016-01-09 23:26:11 +08:00
neil
050038f872 minor, save the config earlier. 2016-01-08 13:09:56 +08:00
neil
4013bfd02a remove dependency to "netstat" 2016-01-07 23:17:15 +08:00
neil
23cb43c85f fix issue: sed contains "&" sign 2016-01-07 22:49:43 +08:00
neil
0334473a58 fix param issues 2016-01-07 18:06:44 +08:00
neil
85fb3776eb fix uninstall, compatible with previous versions 2016-01-07 13:15:22 +08:00
neil
6d0a26f4f2 fix uninstall 2016-01-07 13:08:24 +08:00
neil
01ba821632 fix error message for cron job 2016-01-07 13:05:16 +08:00
neil
8abd3e90aa polish Usage message 2016-01-06 22:51:16 +08:00
neil
b78a2c81d0 minor, check 80 port more gracefully 2016-01-06 22:30:18 +08:00
neil
29a02475df init path for renewAll 2016-01-06 22:20:36 +08:00
neil
960ab88c54 minor, fix error messages 2016-01-06 22:14:45 +08:00
neil
bf108bb7f1 save config still if sign failed 2016-01-06 21:56:51 +08:00
neil
97e44b974f add ca cert 2016-01-06 21:41:06 +08:00
neil
89a41e09a2 give "no" to alternate DNS name list to support single domain cert 2016-01-06 21:24:39 +08:00
neil
67afa94047 support Standalone server 2016-01-05 21:54:38 +08:00
Neil
7d076cfcea fix uninstall crontab 2016-01-05 09:41:48 +08:00
neil
ebb4363394 minor 2015-12-29 21:37:16 +08:00
neil
e2e275f24e minor 2015-12-29 21:32:45 +08:00
neil
4ca9bc799d clear code 2015-12-29 20:01:39 +08:00
Neil
5a177aad36 opps 2015-12-29 11:29:46 +08:00
neil
ae5f79d80a minor, fix uninstall messages. 2015-12-28 11:52:36 +08:00
neil
5419c23f62 minor, fix install messages 2015-12-28 11:49:22 +08:00
neil
948e8750ad minor, change base64 encoding 2015-12-28 09:33:27 +08:00
neil
10af90d67b minor 2015-12-27 19:34:51 +08:00
neil
e4a552da25 fix the error message 2015-12-27 19:27:43 +08:00
neil
c767f3d9a4 error debug info 2015-12-27 18:27:55 +08:00
neil
a2c5949dfd add "FORCE" macro to force renew cert 2015-12-27 18:12:34 +08:00
neil
4a743f81a8 base64 the binary response 2015-12-27 17:57:41 +08:00
neil
a889d6898d Opps, fix cert format 2015-12-27 16:18:14 +08:00