github-personal/labca
1
0
Fork 0
mirror of https://github.com/outbackdingo/labca.git synced 2026-01-27 10:19:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
540 Commits 1 Branch 0 Tags
master
Commit Graph

69 Commits

Author SHA1 Message Date
Arjan H
ca3a5b88c3 Fix 'error on line 239' when restoring backup (#194) 2025-09-22 20:37:47 +02:00
Arjan H
3081eae60f Also allow names in standalone DB config (#198) 2025-09-06 13:34:52 +02:00
Arjan H
d0a03e91ea Remove now unused _encrypt function 2025-08-05 21:24:55 +02:00
Arjan H
e875804af1 Remove email details from admin pages 
As Let's Encrypt has removed all email sending from boulder, we no longer need
the email details in LabCA either.
 2025-08-05 18:14:37 +02:00
Arjan H
26887b7f96 Remove old comment about keeping root key offline - not possible anymore (#160) 2025-05-29 20:19:55 +02:00
Arjan H
f38bae5867 Fix linting issues 2025-04-20 17:27:10 +02:00
Arjan H
3ec866d1ea Add golangci-lint for GUI 2025-03-23 10:21:49 +01:00
Arjan H
7d518d7ea4 Bump boulder version to release-2025-03-18 2025-03-20 19:57:14 +01:00
Arjan H
f14a2636c5 Bump boulder version to release-2025-02-04; add redis container 
Let's Encrypt has changed the rate limiter to require redis, so we can
no longer remove it from the docker compose filei completely. But at
least we can run it once instead of four instances.
 2025-02-10 19:38:38 +01:00
Arjan H
41ddb87e38 Remove button that doesn't work anymore 2025-02-02 20:25:38 +01:00
Arjan H
0d985d6b3f Several fixes and tweaks 2025-02-01 17:45:19 +01:00
Arjan H
6d72d32398 Use ceremony tool for generating keys and certs; store keys on SoftHSM 
Replace openssl certificate / CRL generation with the tool as used by
Let's Encrypt, storing the keys on SoftHSMv2, a simulated HSM (Hardware
Security Module).
Include migration of old setups where key files were also stored on
disk.
 2025-01-31 20:44:48 +01:00
Arjan H
295cd00011 SMTP server can now use LabCA issued certificate (#139) 
LabCA can optionally be configured to send emails. Until now it was only possible to send to SMTP
servers that use a certificate signed by a public root CA (e.g. gmail). Now this can also be an
internal server using a LabCA issued certificate, or you can skip TLS verification completely.
 2024-09-28 16:00:21 +02:00
Arjan H
933367d31e Update certificate revoke command and reasons (#134) 2024-08-31 16:22:40 +02:00
Arjan H
ab35a620f7 Update LabCA GUI for several recent boulder changes 2024-08-27 07:32:29 +02:00
Arjan H
045a128c2c Option to allow public contact email addresses in lockdown mode 
When in lockdown mode, only those domains can be used to request certificates for,
but it also only accepts email addresses in those domains. With this option in the
GUI it is now possible to still allow all public domains in contact addresses.
 2024-02-04 13:46:26 +01:00
Arjan H
a1a3230ead Fix several issues with renewing certificates (#109) 
URI encode the root_key and passphrase.
Fix name of root_key file.
Stop processing when error has occurred.
 2024-01-25 18:49:26 +01:00
Arjan H
33208bf347 Add way to renew (extend lifetime of) CA certificates (#74) 2023-12-26 11:56:45 +01:00
Arjan H
012a7a5d53 Switch from docker-compose to docker compose plugin (#73) 
The standalone docker-compose has been deprecated in favor of a plugin
for the compose binary.
 2023-07-02 16:10:38 +02:00
Arjan H
2a518ae03a It is now possible to upload backup files on the manage page (#75) 2023-07-01 11:03:47 +02:00
Arjan H
8aef5dd949 Fix restart of control container (also after restoring backup) 2023-06-29 20:06:03 +02:00
Arjan H
e32b692599 Restart boulder after updating CRL generation interval 2023-06-16 19:26:52 +02:00
Arjan H
3781027664 Make Issuer CRL generation interval configurable (default 24h) 2023-06-15 18:36:18 +02:00
Arjan H
2b81d2d3dd Add options to trigger CRL generation and upload a Root CRL (#53) 2023-06-11 12:09:14 +02:00
Arjan H
9f77d1a308 Add ability to keep private Root CA key offline (#53) 
When generating a new Root CA certificate, show the key in the GUI and ask the user to
store it offline. When importing an existing CA make the root key optional.
When the private key is needed but we don't have it, ask the user to provide it. You
can now also create a CSR for the Issuer CA that can be signed by the offline Root CA.
 2023-06-08 20:24:41 +02:00
Arjan H
0ed9d8eac2 Build and use local docker images for docker-only setup (#41) 
For now, the images are still built on the target machine for testing,
in the end they need to be built in a GitHub action.
 2023-04-15 09:19:17 +02:00
Arjan H
34acb1b7f2 Let apply scripts collect their own data from config 
Before, we passed the info on via environment variables
 2023-03-24 20:32:53 +01:00
Arjan H
7db3efe0ba Fix paths to static files on details pages of standalone version (#55) 2022-11-30 19:45:45 +01:00
Arjan H
584accf056 Include the status/stats for consul container 2022-10-23 14:41:33 +02:00
Arjan H
1d705b3334 Fix determining if embedded templates should be used (#55) 2022-09-25 08:56:59 +02:00
Arjan H
e5798fb821 Make standalone gui version for Smallstep step-ca ACME (#55) 2022-09-05 20:52:21 +02:00
Arjan H
1a321e2091 Refactor ACME gui to use more generic structs 2022-09-02 20:18:41 +02:00
Arjan H
d7dee9ca1b Refactor some deprecated code 2022-08-15 19:32:30 +02:00
Arjan H
888ef8556d Refactor some deprecated code 2022-08-08 20:01:18 +02:00
Arjan H
3fed65af17 Keep setting the cookie so the expiration / max-age keeps renewing 
Until now the session would expire 1 hour after the first action even
when you keep using the gui in between
 2022-08-06 16:42:28 +02:00
Arjan H
9935b056c3 Update stats display on dashboard to docker-only situation 2022-08-06 15:15:54 +02:00
Arjan H
28553dac91 Determine issuer NameID value so we can set the correct AIA URL (#35) 2022-07-31 16:42:47 +02:00
Arjan H
eb892ba54a Cleanup any failed cert creation so it will be retried 2022-07-31 11:16:52 +02:00
Arjan H
9c1e3f2600 Make title/name on web pages configurable (#52) 2022-07-28 19:00:21 +02:00
Arjan H
f000abb97d Issuer cert can now also be ECDSA 
Apparently the cfssl issue was resolved at some time
 2022-06-03 10:08:57 +02:00
Arjan H
6a67044372 Option to import backup instead of setting up from scratch on new install (#44) 2022-04-29 19:24:34 +02:00
Arjan H
286a7667a1 Fix cron log icon; improve troubleshooting info 2022-04-29 19:24:34 +02:00
Arjan H
960bd72567 Update troubleshooting log locations (#43) 2022-04-23 11:26:15 +02:00
Arjan H
b9a35633d9 Make backup files downloadable (#44) 2022-04-23 11:19:30 +02:00
Arjan H
9e411e03b5 Improve cronjob logging; expose cron log in web gui 2022-04-23 11:11:30 +02:00
Arjan H
e64c5e4c1f More docker-only refactoring and fixes (#37) 2022-04-19 19:08:30 +02:00
Arjan H
091e532308 Move commander service from host to docker container (#37 #38) 2022-04-17 19:36:46 +02:00
Arjan H
99d8bbe6be Generate new cert when changing fqdn 2022-04-16 19:14:10 +02:00
Arjan H
cf0531e82b Fix handling of special characters in organization name (#40) 
E.g. a-umlaut
 2022-04-12 21:26:10 +02:00
Arjan H
954d9bb014 Run nginx as docker container instead of on the host system (#36) 2022-04-02 13:01:52 +02:00