mirror of
https://github.com/certbot/certbot.git
synced 2026-05-28 04:34:11 -04:00
52e207a404
* add ip address support to acme saving * remove client-site check for ip address * using right prefix for san parsing * remove type hint for backward compatibility * remove bare ip blocking check from main_test * upppercase * lint tix * add additional tests for new IP support * support for ipv6 bare address * make apache and nginx plugin raise error for certs with ip address * linting * add pem file's last newline char * gen_ss_cert ip support and comment fixup * fix test coverage * indent fix and assetTrue to assetIN * indent mistake, made a note where class end * acme lib now receive IPs as separate list * fix typos * type 2 * fix tests * Deny IP address on certbot/certbot side as LE don't support it * remove excess empty line to rerun tox * comment indent and typo fix Apply suggestions from code review Co-authored-by: Brad Warren <bmw@users.noreply.github.com> * trim unused functions * trim unused import * make raw san list extraction as separate function * Apply suggestions from code review mostly comment suggestions here Co-authored-by: Brad Warren <bmw@users.noreply.github.com> * apply patches suggested on review. * remove excessive empty lines * update CHANGELOG.md * added acme lib update about ipaddress support in CHANGELOG.md Co-authored-by: Brad Warren <bmw@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| cert-100sans.pem | ||
| cert-idnsans.pem | ||
| cert-ipsans.pem | ||
| cert-ipv6sans.pem | ||
| cert-nocn.der | ||
| cert-san.pem | ||
| cert.der | ||
| cert.pem | ||
| critical-san.pem | ||
| csr-6sans.pem | ||
| csr-100sans.pem | ||
| csr-idnsans.pem | ||
| csr-ipsans.pem | ||
| csr-ipv6sans.pem | ||
| csr-mixed.pem | ||
| csr-nosans.pem | ||
| csr-san.pem | ||
| csr.der | ||
| csr.pem | ||
| dsa512_key.pem | ||
| README | ||
| rsa256_key.pem | ||
| rsa512_key.pem | ||
| rsa1024_cert.pem | ||
| rsa1024_key.pem | ||
| rsa2048_cert.pem | ||
| rsa2048_key.pem | ||
| rsa4096_cert.pem | ||
| rsa4096_key.pem | ||
In order for acme.test_util._guess_loader to work properly, make sure
to use appropriate extension for vector filenames: .pem for PEM and
.der for DER.
The following command has been used to generate test keys:
for k in 256 512 1024 2048 4096; do openssl genrsa -out rsa${k}_key.pem $k; done
and for the CSR:
openssl req -key rsa2048_key.pem -new -subj '/CN=example.com' -outform DER > csr.der
and for the certificates:
openssl req -key rsa2048_key.pem -new -subj '/CN=example.com' -x509 -outform DER > cert.der
openssl req -key rsa2048_key.pem -new -subj '/CN=example.com' -x509 > rsa2048_cert.pem
openssl req -key rsa1024_key.pem -new -subj '/CN=example.com' -x509 > rsa1024_cert.pem