New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

security/acme-client: feature & bugfix release #71

Merged
merged 11 commits into from Feb 7, 2017

Conversation

Projects
None yet
3 participants
@fraenki
Member

fraenki commented Feb 5, 2017

New features

  • Full integration with our HAProxy plugin (automatically injects configuration)
  • Support for restart actions (pre-defined, configd commands and custom commands)

Bugfixes

  • Fix for #70: relax field validations for many input fields (name, description, altNames)
  • Fix search fields
  • Fix forceful re-issue of certificates (required if altNames was changed)
  • Fix DNS-01 ISPconfig option (should be a checkbox)
  • Respect if an item is disabled
  • Do not expose lighttpd version
  • Improve some help messages

HAProxy Integration: Quick Start Guide

1. Enable HAProxy Integration

And don't forget to click the "Apply" button... :-)

le000

2. Configure Validation Method

le001

Be sure to select your HAProxy frontends:

le002

3. Configure Restart Action

le003

4. Configure Certificate

Now select the "validation method" and "restart action" for your certificate:
le004

@fraenki fraenki changed the title from [WIP] DO NOT MERGE! security/acme-client: feature & bugfix release to security/acme-client: feature & bugfix release Feb 5, 2017

@fraenki

This comment has been minimized.

Member

fraenki commented Feb 5, 2017

@fitch: The new HAProxy integration requires the new dependency (a725776). Any objections?

@fichtner

This comment has been minimized.

Member

fichtner commented Feb 6, 2017

erm, yes... this doesn't look good, because it will also pull in haproxy and lua. where's the friction in the code between haproxy installed and not installed?

@fraenki

This comment has been minimized.

Member

fraenki commented Feb 6, 2017

@fichtner Currently there is nothing in the code to handle an absent haproxy plugin. It assumes that HAProxy is just there. Is there a command in the backend available to query the currently installed packages?

@fichtner

This comment has been minimized.

Member

fichtner commented Feb 6, 2017

@fraenki we'll have to add it if not there, let's talk this afternoon about how

@fraenki

This comment has been minimized.

Member

fraenki commented Feb 6, 2017

@fichtner I've removed the hardcoded dependency to our HAProxy plugin and disable HAProxy integration by default now.

@fichtner fichtner self-assigned this Feb 6, 2017

@fraenki

This comment has been minimized.

Member

fraenki commented Feb 7, 2017

@fichtner I've added two more bugfixes. I promise these are the last ones for this release. :)

@fichtner fichtner merged commit b932806 into opnsense:master Feb 7, 2017

@fichtner

This comment has been minimized.

Member

fichtner commented Feb 7, 2017

Merged,thanks! :)

@lrosenman

This comment has been minimized.

lrosenman commented Feb 17, 2017

Fixed my issue, and we're happily using LE cert for the FW. (#70)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment