github-personal/labca
1
0
Fork 0
mirror of https://github.com/outbackdingo/labca.git synced 2026-01-27 10:19:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
540 Commits 1 Branch 0 Tags
master
Commit Graph

43 Commits

Author SHA1 Message Date
Arjan H
e875804af1 Remove email details from admin pages 
As Let's Encrypt has removed all email sending from boulder, we no longer need
the email details in LabCA either.
 2025-08-05 18:14:37 +02:00
Arjan H
bdcdbef34d Fix root certificate link on setup page (#166) 2025-03-11 20:39:07 +01:00
Arjan H
41ddb87e38 Remove button that doesn't work anymore 2025-02-02 20:25:38 +01:00
Arjan H
0d985d6b3f Several fixes and tweaks 2025-02-01 17:45:19 +01:00
Arjan H
6d72d32398 Use ceremony tool for generating keys and certs; store keys on SoftHSM 
Replace openssl certificate / CRL generation with the tool as used by
Let's Encrypt, storing the keys on SoftHSMv2, a simulated HSM (Hardware
Security Module).
Include migration of old setups where key files were also stored on
disk.
 2025-01-31 20:44:48 +01:00
Arjan H
295cd00011 SMTP server can now use LabCA issued certificate (#139) 
LabCA can optionally be configured to send emails. Until now it was only possible to send to SMTP
servers that use a certificate signed by a public root CA (e.g. gmail). Now this can also be an
internal server using a LabCA issued certificate, or you can skip TLS verification completely.
 2024-09-28 16:00:21 +02:00
Arjan H
933367d31e Update certificate revoke command and reasons (#134) 2024-08-31 16:22:40 +02:00
Arjan H
ab35a620f7 Update LabCA GUI for several recent boulder changes 2024-08-27 07:32:29 +02:00
Arjan H
045a128c2c Option to allow public contact email addresses in lockdown mode 
When in lockdown mode, only those domains can be used to request certificates for,
but it also only accepts email addresses in those domains. With this option in the
GUI it is now possible to still allow all public domains in contact addresses.
 2024-02-04 13:46:26 +01:00
Arjan H
a1a3230ead Fix several issues with renewing certificates (#109) 
URI encode the root_key and passphrase.
Fix name of root_key file.
Stop processing when error has occurred.
 2024-01-25 18:49:26 +01:00
Arjan H
33208bf347 Add way to renew (extend lifetime of) CA certificates (#74) 2023-12-26 11:56:45 +01:00
Arjan H
2a518ae03a It is now possible to upload backup files on the manage page (#75) 2023-07-01 11:03:47 +02:00
Arjan H
8aef5dd949 Fix restart of control container (also after restoring backup) 2023-06-29 20:06:03 +02:00
Arjan H
e32b692599 Restart boulder after updating CRL generation interval 2023-06-16 19:26:52 +02:00
Arjan H
3781027664 Make Issuer CRL generation interval configurable (default 24h) 2023-06-15 18:36:18 +02:00
Arjan H
66b51217df Prevent posting empty data from manage CRL (#53) 2023-06-11 15:59:57 +02:00
Arjan H
2b81d2d3dd Add options to trigger CRL generation and upload a Root CRL (#53) 2023-06-11 12:09:14 +02:00
Arjan H
9f77d1a308 Add ability to keep private Root CA key offline (#53) 
When generating a new Root CA certificate, show the key in the GUI and ask the user to
store it offline. When importing an existing CA make the root key optional.
When the private key is needed but we don't have it, ask the user to provide it. You
can now also create a CSR for the Issuer CA that can be signed by the offline Root CA.
 2023-06-08 20:24:41 +02:00
Arjan H
29fcf76cf2 Remove update button from GUI as it is not possible from inside docker 2022-12-24 09:47:49 +01:00
Arjan H
e5798fb821 Make standalone gui version for Smallstep step-ca ACME (#55) 2022-09-05 20:52:21 +02:00
Arjan H
1a321e2091 Refactor ACME gui to use more generic structs 2022-09-02 20:18:41 +02:00
Arjan H
9935b056c3 Update stats display on dashboard to docker-only situation 2022-08-06 15:15:54 +02:00
Arjan H
03c26b1479 Cosmetic: force refresh after updating config and making manual backup 2022-07-31 17:54:59 +02:00
Arjan H
9c1e3f2600 Make title/name on web pages configurable (#52) 2022-07-28 19:00:21 +02:00
Arjan H
8f739fdfe1 Suppress some long attributes from audit log on main dashboard 2022-06-04 17:09:54 +02:00
Arjan H
6a67044372 Option to import backup instead of setting up from scratch on new install (#44) 2022-04-29 19:24:34 +02:00
Arjan H
b9a35633d9 Make backup files downloadable (#44) 2022-04-23 11:19:30 +02:00
Arjan H
e64c5e4c1f More docker-only refactoring and fixes (#37) 2022-04-19 19:08:30 +02:00
Arjan H
69fc88c689 Make update from gui more robust 2022-04-14 20:43:13 +02:00
Arjan H
d7c1cbe118 Make initial setup process a bit more clear 2021-12-04 19:08:52 +01:00
Arjan H
503d1e51ef Enable more than one local domain to issue certificates for (#24) 2021-12-03 20:34:01 +01:00
Arjan H
7b91eba163 Stop sharing admin session with ALL users (#27) 
Decode the authorization and encryption keys fetched from the config file ase they are base64 but need to be a []byte. Fixes #27
 2021-11-03 07:43:35 +01:00
Arjan H
64f7f23ec5 Show more information on page to diagnose initial problems 2021-08-22 17:22:06 +02:00
Arjan H
033b4a0e4f Don't show dbdata backups as restorable from gui 2021-05-22 18:19:10 +02:00
Arjan H
d9c78c5376 Tweak description string of whitelist mode 2021-03-03 17:27:28 +01:00
Arjan H
9561d20006 Fix template conditional syntax 
#7
 2020-11-08 09:42:20 +01:00
Arjan H
c209349cd2 Set high rate limit for our domain; add rate-limits page 2020-10-04 15:46:22 +02:00
Arjan H
af7c3edc6f Cosmetic: nicer spacing between buttons; debug versions are newer so do 
not report them as older
 2020-08-06 19:18:59 +02:00
Arjan H
26ff625487 Mouseover title with actual datetime when last checked for updates 2020-04-14 11:52:19 +02:00
Arjan H
5d23559849 Check for new versions and upgrade from webgui. closes #1 2020-04-13 13:50:08 +02:00
Arjan H
5a546115bf Optional extension of timeout values 2019-07-12 17:42:22 +02:00
Arjan H
cec0c77445 Make golint happy 
#5
 2018-12-06 09:04:52 +01:00
Arjan H
f8ead94450 Initial commit to GitHub 2018-11-10 15:13:43 +01:00