![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.sbin / acme-client
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.8 / (download) - annotate - [select for diffs], Fri Jun 7 08:07:52 2019 UTC (5 years ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7,
OPENBSD_6_6_BASE,
OPENBSD_6_6,
HEAD
Changes since 1.7: +3 -3 lines
Diff to previous 1.7 (colored)
Implement RFC 8555 "Automatic Certificate Management Environment (ACME)" to be able to talk to the v02 Let's Encrypt API. With this acme-client(1) will no longer be able to talk to the v01 API. Users must change the api url in /etc/acme-client.conf to https://acme-v02.api.letsencrypt.org/directory Existing accounts (and certs of course) stay valid and after the url change acme-client will be able to renew certs. Tested by Renaud Allard and benno Input & OK benno
Revision 1.7 / (download) - annotate - [select for diffs], Tue Nov 6 20:40:49 2018 UTC (5 years, 7 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.6: +1 -2 lines
Diff to previous 1.6 (colored)
Use TLS_CA_CERT_FILE instead of a separate define. ok beck@ bluhm@ tb@
Revision 1.6 / (download) - annotate - [select for diffs], Wed Aug 8 17:47:44 2018 UTC (5 years, 10 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.5: +2 -1 lines
Diff to previous 1.5 (colored)
In netproc process, unveil to only expose the CA file. ok florian
Revision 1.5 / (download) - annotate - [select for diffs], Wed Jan 25 13:52:53 2017 UTC (7 years, 4 months ago) by inoguchi
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2,
OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.4: +1 -5 lines
Diff to previous 1.4 (colored)
remove __BEGIN_DECLS and __END_DECLS from http.h sync with ocspcheck and acme-client ok benno@
Revision 1.4 / (download) - annotate - [select for diffs], Tue Jan 24 07:59:54 2017 UTC (7 years, 4 months ago) by deraadt
Branch: MAIN
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)
string terminator is called a NUL
Revision 1.3 / (download) - annotate - [select for diffs], Tue Oct 4 15:49:42 2016 UTC (7 years, 8 months ago) by jsing
Branch: MAIN
Changes since 1.2: +3 -1 lines
Diff to previous 1.2 (colored)
Avoid a potential MITM - calling tls_config_insecure_noverify() is a bad idea, so stop doing that. Instead, use a single tls_config, set it up and configure the CA file to use while we still have rpath, then drop rpath. This also avoids creating a new tls_config for each and every HTTPS connection, which is unnecessary. ok benno@ florian@
Revision 1.2 / (download) - annotate - [select for diffs], Wed Aug 31 23:08:49 2016 UTC (7 years, 9 months ago) by benno
Branch: MAIN
Changes since 1.1: +5 -5 lines
Diff to previous 1.1 (colored)
whitespace
Revision 1.1 / (download) - annotate - [select for diffs], Wed Aug 31 22:01:42 2016 UTC (7 years, 9 months ago) by florian
Branch: MAIN
Import Kristaps' letskencrypt and call it acme-client in tree. OK to get it in deraadt@ (and probably beck@) At least deraadt@, beck@ and otto@ are fine with the name and the disagreements stopped.