summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
godog [Tue, 7 Oct 2014 21:30:48 +0000 (22:30 +0100)]
allow CA public key renewal
setting unique_subject = no allows for key rollovers:
if the value yes is given, the valid certificate entries in the database must
have unique subjects. if the value no is given, several valid certificate
entries may have the exact same subject. The default value is yes, to be
compatible with older (pre 0.9.8) versions of OpenSSL. However, to make CA
certificate roll-over easier, it's recommended to use the value no,
especially if combined with the -selfsign command line option.
ale [Sat, 27 Sep 2014 09:49:06 +0000 (10:49 +0100)]
split commands into their own functions; improve logging and error reporting
ale [Sat, 27 Sep 2014 09:23:57 +0000 (10:23 +0100)]
extend the documentation a bit
ale [Sat, 27 Sep 2014 08:35:00 +0000 (09:35 +0100)]
switch the digest default to SHA2
ale [Sat, 27 Sep 2014 08:32:33 +0000 (09:32 +0100)]
use the specified digest for the CSR
ale [Sat, 27 Sep 2014 08:24:27 +0000 (09:24 +0100)]
add .gitignore
ale [Sat, 27 Sep 2014 08:24:09 +0000 (09:24 +0100)]
add Tox config
ale [Sat, 27 Sep 2014 08:18:49 +0000 (09:18 +0100)]
give README a proper file extension so that it renders correctly
ale [Sun, 17 Aug 2014 16:20:26 +0000 (17:20 +0100)]
made signature algorithm configurable
ale [Fri, 7 Feb 2014 18:56:50 +0000 (18:56 +0000)]
always revoke the certificate, even if it is already expired
ale [Sun, 29 Dec 2013 16:55:56 +0000 (16:55 +0000)]
allow specifying nsCertType in config
ale [Sun, 29 Dec 2013 15:54:12 +0000 (15:54 +0000)]
add missing package_data
ale [Mon, 10 Dec 2012 20:14:37 +0000 (20:14 +0000)]
always regenerate the CA config file if necessary
ale [Mon, 10 Dec 2012 19:51:32 +0000 (19:51 +0000)]
ensure that the generated CRL is in DER format
ale [Sun, 9 Dec 2012 19:03:47 +0000 (19:03 +0000)]
removed NS Comment attribute
ale [Sun, 9 Dec 2012 19:02:56 +0000 (19:02 +0000)]
remove obsolete Netscape Revocation url attributes
ale [Sat, 17 Nov 2012 12:49:56 +0000 (12:49 +0000)]
support relocatable ca roots
ale [Wed, 8 Feb 2012 11:13:48 +0000 (11:13 +0000)]
dump certs on stderr
ale [Wed, 8 Feb 2012 11:13:28 +0000 (11:13 +0000)]
correctly set the email as subjectAltName of the CA certificate only; do not add it to the DN
ale [Wed, 8 Feb 2012 10:27:22 +0000 (10:27 +0000)]
add a full integration test via main()
ale [Mon, 6 Feb 2012 19:55:14 +0000 (19:55 +0000)]
print expiration dates in the "list" command
ale [Mon, 6 Feb 2012 19:33:09 +0000 (19:33 +0000)]
add the "fp" command to dump fingerprints; minor fixes to the help doc
ale [Mon, 6 Feb 2012 19:02:45 +0000 (19:02 +0000)]
upgrade to CAM v2.0
ale [Fri, 15 Dec 2006 09:33:39 +0000 (09:33 +0000)]
re-added the '-selfsign' option so that at least the 'newca' command works with openssl 0.9.8
ale [Thu, 7 Dec 2006 11:36:05 +0000 (11:36 +0000)]
fixed issue #1 - cam library path now has precedence
ale [Thu, 7 Dec 2006 11:34:13 +0000 (11:34 +0000)]
fixed previous commit: one -selfsign option was left
ale [Thu, 7 Dec 2006 09:39:27 +0000 (09:39 +0000)]
dropped -selfsign option; revoke certificates that are re-generated but not expired; fixes
ale [Wed, 2 Aug 2006 01:26:18 +0000 (01:26 +0000)]
fix.
ale [Wed, 2 Aug 2006 01:25:52 +0000 (01:25 +0000)]
check for existance of configuration file.
ale [Wed, 2 Aug 2006 01:23:58 +0000 (01:23 +0000)]
import iniziale