Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

security/acme-client: feature & bugfix release #71

Merged
merged 11 commits into from Feb 7, 2017

Conversation

@fraenki
Copy link
Member

@fraenki fraenki commented Feb 5, 2017

New features

  • Full integration with our HAProxy plugin (automatically injects configuration)
  • Support for restart actions (pre-defined, configd commands and custom commands)

Bugfixes

  • Fix for #70: relax field validations for many input fields (name, description, altNames)
  • Fix search fields
  • Fix forceful re-issue of certificates (required if altNames was changed)
  • Fix DNS-01 ISPconfig option (should be a checkbox)
  • Respect if an item is disabled
  • Do not expose lighttpd version
  • Improve some help messages

HAProxy Integration: Quick Start Guide

1. Enable HAProxy Integration

And don't forget to click the "Apply" button... :-)

le000

2. Configure Validation Method

le001

Be sure to select your HAProxy frontends:

le002

3. Configure Restart Action

le003

4. Configure Certificate

Now select the "validation method" and "restart action" for your certificate:
le004

@fraenki fraenki force-pushed the fraenki:le_fixes branch from 807cda8 to 709fb0c Feb 5, 2017
@fraenki fraenki changed the title [WIP] DO NOT MERGE! security/acme-client: feature & bugfix release security/acme-client: feature & bugfix release Feb 5, 2017
@fraenki
Copy link
Member Author

@fraenki fraenki commented Feb 5, 2017

@fitch: The new HAProxy integration requires the new dependency (a725776). Any objections?

@fichtner
Copy link
Member

@fichtner fichtner commented Feb 6, 2017

erm, yes... this doesn't look good, because it will also pull in haproxy and lua. where's the friction in the code between haproxy installed and not installed?

@fraenki
Copy link
Member Author

@fraenki fraenki commented Feb 6, 2017

@fichtner Currently there is nothing in the code to handle an absent haproxy plugin. It assumes that HAProxy is just there. Is there a command in the backend available to query the currently installed packages?

@fichtner
Copy link
Member

@fichtner fichtner commented Feb 6, 2017

@fraenki we'll have to add it if not there, let's talk this afternoon about how

@fraenki fraenki force-pushed the fraenki:le_fixes branch from a725776 to 24f3721 Feb 6, 2017
@fraenki
Copy link
Member Author

@fraenki fraenki commented Feb 6, 2017

@fichtner I've removed the hardcoded dependency to our HAProxy plugin and disable HAProxy integration by default now.

@fichtner fichtner self-assigned this Feb 6, 2017
@fraenki fraenki force-pushed the fraenki:le_fixes branch from 29123df to eecbffd Feb 7, 2017
@fraenki
Copy link
Member Author

@fraenki fraenki commented Feb 7, 2017

@fichtner I've added two more bugfixes. I promise these are the last ones for this release. :)

@fichtner fichtner merged commit b932806 into opnsense:master Feb 7, 2017
@fichtner
Copy link
Member

@fichtner fichtner commented Feb 7, 2017

Merged,thanks! :)

@lrosenman
Copy link

@lrosenman lrosenman commented Feb 17, 2017

Fixed my issue, and we're happily using LE cert for the FW. (#70)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants
You can’t perform that action at this time.