summaryrefslogtreecommitdiff
path: root/lib/leap_cli/commands/ca.rb
AgeCommit message (Collapse)Author
2014-06-04ensure that x509 certificates use dns names that are strictly sorted and ↵elijah
unique, to prevent unncessary regeneration of certificates.
2013-07-24allow provider to include country, state, and locality in the CSR.elijah
2013-07-10fixed bug where unused certs were not being deleted.elijah
2013-05-15certs - include all possible domains in subaltname, including one in commonname.elijah
2013-03-17updated `leap test init` to work with openvpn service levels.elijah
2013-03-13oops, fixed bug in `leap cert csr`elijah
2013-03-13added --domain switch to `leap cert csr`elijah
2013-02-23minor improvements to wording of inline command helpelijah
2013-01-21added client ca in addition to normal ca (used only to generate client ↵elijah
certificates)
2013-01-08in 'cert csr', use fake ca for testing.elijah
2012-12-15fixed bug with certificate dateselijah
2012-12-13client certs should only have digitalSignatureelijah
2012-12-12improved key usage parameters for x509 cert generationelijah
2012-12-11add keyEncipherment to server certselijah
2012-12-05fixed problems with ruby 1.8 and GLI, and added some tests.elijah
2012-11-28command name shuffle -- grouped more commands together as subcommandselijah
2012-11-23initial work toward 'leap test'. for now, it generates an openvpn config for ↵elijah
client testing. try 'leap init-test'
2012-11-21clean up dh params generated by certtool.elijah
2012-11-17always generate self-signed provider cert, but include a note that it should ↵elijah
be written over.
2012-11-16added CSR ability (and vendored certificate_authority gem, so we can get the ↵elijah
unreleased fixes we need).
2012-11-15ensure certificates are generated with subjectAltName that includes all ↵elijah
domain aliases
2012-11-14only generate cert of x509.user == trueelijah
2012-11-14made 'leap update-cert' intelligently update all certificates as needed.elijah
2012-11-13cleaned up logging, and much improved error message when file is not foundelijah
2012-11-06updated test/provider and added configurable life_span to CA.elijah
2012-11-03fixed typoelijah
2012-11-02explicitly set digest in server cert generationelijah
2012-11-01x.509 support -- added certificate authority creation and server cert creationelijah