Log

core/certmanager.lua @ 11828:024ac556e907

description author age
core.certmanager: Support 'use_dane' setting to enable DANE support Kim Alvefur Sun, 18 Jul 2021 22:46:57 +0200
core.certmanager: Skip service certificate lookup for https client Kim Alvefur Thu, 27 May 2021 09:22:07 +0200
Merge 0.11->trunk Matthew Wild Thu, 13 May 2021 11:17:13 +0100
certmanager: Disable renegotiation by default 0.11 Matthew Wild Tue, 11 May 2021 14:14:15 +0100
core.certmanager: Test for SSL options in absence of LuaSec config 0.11 Kim Alvefur Mon, 26 Apr 2021 15:32:05 +0200
core.certmanager: Attempt to directly access LuaSec config table 0.11 Kim Alvefur Mon, 26 Apr 2021 15:30:13 +0200
core.certmanager: Catch error from lfs Kim Alvefur Fri, 07 May 2021 16:47:58 +0200
core.certmanager: Resolve certs path relative to config dir Kim Alvefur Fri, 07 May 2021 16:35:37 +0200
core.certmanager: Skip directly to guessing of key from cert filename Kim Alvefur Wed, 05 May 2021 15:56:39 +0200
core.certmanager: Join paths with OS-aware util.paths function Kim Alvefur Wed, 05 May 2021 15:54:05 +0200
core.certmanager: Build an index over certificates Kim Alvefur Sat, 10 Apr 2021 14:45:40 +0200
core.certmanager: Check for complete filename Kim Alvefur Sat, 10 Apr 2021 14:45:03 +0200
core.certmanager: Add comments explaining the 'verifyext' TLS settings Kim Alvefur Sat, 06 Feb 2021 22:12:38 +0100
core.certmanager: Add TODO about LuaSec issue Kim Alvefur Sun, 07 Jun 2020 02:12:50 +0200
Merge 0.11->trunk Kim Alvefur Mon, 13 Apr 2020 16:14:39 +0200
core.certmanager: Move EECDH ciphers before EDH in default cipherstring (fixes #1513) 0.11 Kim Alvefur Sun, 25 Aug 2019 20:22:35 +0200
Merge 0.11->trunk Kim Alvefur Fri, 10 Apr 2020 19:03:36 +0200
core.certmanager: Look for privkey.pem to go with fullchain.pem (fix #1526) 0.11 Kim Alvefur Fri, 10 Apr 2020 16:11:09 +0200
core.portmanager: Fix TLS context inheritance for SNI hosts (completes SNI support) Kim Alvefur Fri, 29 Nov 2019 23:24:14 +0100
core.certmanager: Lower severity for tls config not having cert Kim Alvefur Sat, 07 Sep 2019 00:00:40 +0200
core.certmanager: Remove unused import [luacheck] Kim Alvefur Sun, 25 Aug 2019 23:25:42 +0200
Remove COMPAT with temporary luasec fork Kim Alvefur Sun, 25 Aug 2019 23:12:55 +0200
core.certmanager: Move EECDH ciphers before EDH in default cipherstring Kim Alvefur Sun, 25 Aug 2019 20:22:35 +0200
core.certmanager: Do not ask for client certificates by default Kim Alvefur Sun, 10 Mar 2019 19:58:28 +0100
Merge 0.10->trunk Kim Alvefur Fri, 25 May 2018 03:33:13 +0200
core.certmanager: Allow all non-whitespace in service name (fixes #1019) Kim Alvefur Fri, 25 May 2018 03:30:16 +0200
vairious: Add annotation when an empty environment is set [luacheck] Kim Alvefur Wed, 28 Feb 2018 20:06:26 +0100
certmanager: Check for missing certificate before key in configuration (should be marginally less confusing) Kim Alvefur Thu, 28 Dec 2017 17:32:56 +0100
certmanager: Set single curve conditioned on LuaSec advertising EC crypto support Kim Alvefur Mon, 20 Nov 2017 00:27:26 +0100
certmanager: Filter out curves not supported by LuaSec Kim Alvefur Mon, 20 Nov 2017 00:26:41 +0100
certmanager: Change table representing LuaSec capabilities to match capabilities table exposed in LuaSec 0.7 Kim Alvefur Mon, 20 Nov 2017 00:25:18 +0100
core.certmanager: Set a default curveslist [sic], fixes #879, #943, #951 if used along with luasec 0.7 and openssl 1.1 Kim Alvefur Wed, 27 Sep 2017 15:45:07 +0200
prosodyctl: cert import: Reuse function from certmanager for locating certificates and keys Kim Alvefur Wed, 27 Sep 2017 15:21:20 +0200
certmanager: Add debug logging (thanks av6) Matthew Wild Sat, 23 Sep 2017 17:13:29 +0100
certmanager: Update the 'certificates' option after the config has been reloaded (fixes #929) Kim Alvefur Thu, 01 Jun 2017 14:03:50 +0200
core.certmanager: Translate "no start line" to something friendlier (thanks santiago) Kim Alvefur Sat, 26 Nov 2016 20:08:48 +0100
core.certmanager: Split cipher list into array with comments explaining each part Kim Alvefur Mon, 12 Sep 2016 15:49:24 +0200
certmanager: Assume default config path of '.' (fixes prosodyctl check certs when not installed) Kim Alvefur Fri, 29 Jul 2016 11:24:28 +0200
certmanager: Explicitly tonumber() version number segments before doing arithmetic and avoid relying on implicit coercion (thanks David Favro) Matthew Wild Sat, 26 Mar 2016 19:55:08 +0000
certmanager: Localize tonumber Matthew Wild Thu, 18 Feb 2016 13:48:45 +0000
certmanager: Try filename.key if certificate is set to a full filename ending with .crt Kim Alvefur Fri, 05 Feb 2016 16:12:01 +0100
certmanager: Apply global ssl config later so certificate/key is not overwritten by magic Kim Alvefur Fri, 05 Feb 2016 15:03:39 +0100
certmanager: Support new certificate configuration for non-XMPP services too (fixes #614) Matthew Wild Fri, 05 Feb 2016 00:03:41 +0000
core.certmanager: Look for certificate and key in a few different places Kim Alvefur Wed, 03 Feb 2016 22:44:29 +0100
core.certmanager: Remove non-string filenames (allows setting eg capath to false to disable the built in default) Kim Alvefur Sun, 11 Oct 2015 19:44:15 +0200
core.*: Remove use of module() function Kim Alvefur Sat, 21 Feb 2015 10:42:19 +0100
certmanager: Fix compat for MattJs old LuaSec fork Kim Alvefur Thu, 05 Feb 2015 17:23:53 +0100
certmanager: Fix previous commit Kim Alvefur Thu, 05 Feb 2015 17:21:05 +0100
certmanager: Limit certificate chain depth to 9 Kim Alvefur Thu, 05 Feb 2015 16:59:34 +0100
certmanager: Options that appear to be available since LuaSec 0.2 Kim Alvefur Thu, 05 Feb 2015 16:56:28 +0100
certmanager: Improve "detection" of features that depend on LuaSec version Kim Alvefur Thu, 05 Feb 2015 16:20:50 +0100
certmanager: Add locals for ssl.context and ssl.x509 Kim Alvefur Thu, 05 Feb 2015 15:14:35 +0100
certmanager: Early return from the entire module if LuaSec is unavailable Kim Alvefur Thu, 05 Feb 2015 15:10:23 +0100
certmanager: Make global variable access explicit Matthew Wild Tue, 20 Jan 2015 11:29:38 +0000
certmanager, mod_tls: Return final ssl config as third return value (fix for c6caaa440e74, portmanager assumes non-falsy second return value is an error) (thanks deoren) Kim Alvefur Sat, 22 Nov 2014 11:51:54 +0100
certmanager: Return final ssl config along with ssl context on success Kim Alvefur Wed, 19 Nov 2014 14:47:03 +0100
Merge 0.9->0.10 Kim Alvefur Sun, 26 Oct 2014 20:57:06 +0100
certmanager, net.http: Disable SSLv3 by default 0.9.6 Matthew Wild Tue, 14 Oct 2014 18:55:08 +0100
core.certmanager: Make create_context() support an arbitrary number of option sets, merging all Kim Alvefur Thu, 03 Jul 2014 15:32:26 +0200
core.certmanager: Use util.sslconfig Kim Alvefur Thu, 03 Jul 2014 15:31:12 +0200