github
/
acme4j
mirror of https://github.com/shred/acme4j
1
0
Fork 0
Code Issues Releases Wiki Activity
879 Commits
4 Branches
43 Tags
4 MiB
Commit Graph

79 Commits (3adab36f05f001b29a541455c8c6992ba61b7aaa)

Author SHA1 Message Date
Richard Körber 3adab36f05
Remove last references to javax.mail 2025-01-26 15:35:09 +01:00
Richard Körber dec4a461ca
Update to draft-ietf-acme-ari-07 
No changes to the protocol
 2025-01-18 12:14:31 +01:00
Richard Körber 786a2d279d
Add documentation about profiles 2025-01-18 12:07:31 +01:00
Richard Körber 318aeaab9d
Single method to get the certificate 2024-10-21 07:11:09 +02:00
Richard Körber 7a02a2f857
Update to draft-ietf-acme-ari-06 
No changes to the protocol
 2024-10-20 09:34:26 +02:00
Richard Körber e88b4ef68f
Add new CAs to list of supported CAs 2024-10-20 08:59:30 +02:00
Richard Körber 87bbb9efbf
Add Buypass provider 2024-09-22 16:54:17 +02:00
Richard Körber beec5156c2
Add Google CA provider 2024-09-22 16:32:00 +02:00
Richard Körber 0ccd68c09a
Update to draft-ietf-acme-ari-05 2024-08-24 12:19:13 +02:00
Richard Körber afa60ae76f
Document how to use different Pebble domain (#160) 2024-08-22 20:18:07 +02:00
Richard Körber 171ee474c0
Deprecate update() and AcmeRetryAfterException 2024-08-18 11:42:50 +02:00
Richard Körber b897dc277d
Add new methods for status change busy waiting 2024-08-17 17:20:52 +02:00
Richard Körber ae60431a79
Disable ssl.com staging unit tests 
The ssl.com staging server's certificate seems to be unmonitored,
causing the acme4j build chain to break from time to time when their
certificate has expired. As this is blocking development, I have
decided to disable all related unit tests, and add a corresponding
note to the documentation.

The acme4j ssl.com provider is marked as experimental now, since it
is not fully covered by unit tests anymore.
 2024-06-30 10:43:36 +02:00
Richard Körber a9ce33a921
Update to draft-ietf-acme-ari-04 
Only changes to the docs were necessary.
 2024-06-11 18:54:31 +02:00
Richard Körber 01249294c8
Mention Problem in docs 2024-05-15 18:43:49 +02:00
Richard Körber a718d82db2
Next version is 3.3.0 2024-05-15 16:01:52 +02:00
Richard Körber 5b14d15854
Discontinue version 2 2024-05-15 15:58:28 +02:00
Richard Körber aeff12088f
Update spotbugs and related new warnings (fixes #157) 2024-05-10 16:07:41 +02:00
Richard Körber 773cacde4f
Add subdomain validation support (RFC 9444) 2024-03-15 17:18:01 +01:00
Richard Körber b5a7e00ac3
Use example IPs according to RFC3849/RFC5737 2024-03-13 20:27:12 +01:00
Richard Körber fdbd82e887
Minor documentation fixes 2024-02-28 18:00:02 +01:00
Richard Körber f9d479a8f7
Simplify handling of Retry-After header 2024-02-26 18:26:45 +01:00
Richard Körber 908e11b152
Workaround for ssl.com metadata bug 
ssl.com requires EAB for account creation, but the metadata's
"externalAccountRequired" property gives "false", indicating that no EAB
is used.

This fix patches the read directory's metadata if the ssl.com provider
is used.
 2024-02-26 18:26:45 +01:00
Richard Körber 081e53f137
SSL.com: Add support for ECC and RSA mode 2024-02-26 18:26:45 +01:00
Richard Körber 73c71be754
Documentation review 2024-02-26 18:26:45 +01:00
Richard Körber f2ae26b822
Make the example universal and CA neutral 
I like to avoid having different examples for different CAs or
scenarios, as it takes unnecessary time to keep them in sync and
updated.

For this reason, I merged both examples back in a single example again,
which now also handles EAB if necessary.

I also used a generic example CA (example.org) so no CA is favored in
the source code. The desired connection URI must now be configured
first, in order to make the example run.

The documentation was updated accordingly. Rationale is that I don't
want the documentation to be cluttered with all possible CAs, so none of
them is favored now.
 2024-02-26 18:26:45 +01:00
Richard Körber 60342c435f
Add ZeroSSL provider 
As ZeroSSL makes use of the Retry-After header, the example
implementation has also been changed accordingly.
 2024-02-26 18:26:45 +01:00
George Fergadis 9c6eb5e610 Add SSL.com provider 2024-02-20 16:22:39 +01:00
Richard Körber 48c32f612d
Upgrade to draft-ietf-acme-ari-03 2024-02-19 07:44:40 +01:00
Richard Körber 50a74251e0
setCommonName() sets CN only 2023-11-24 11:18:45 +01:00
Richard Körber e26f8fc572
Add question to FAQ 2023-11-24 11:02:49 +01:00
Richard Körber f9b3242f4c
Improve documentation 
- Rearranged all chapters. It makes content easier to find, as it is not
  buried in unrelated information now.
- Reviewed the content.
- Fixed broken links.
- Added documentation about Renewal Information and Exceptions
 2023-11-24 11:00:29 +01:00
Richard Körber 3ad325782b
Add method to set arbitrary MAC algorithm (#141) 2023-09-22 11:20:31 +02:00
Richard Körber 2336de4416
Announce EOL for v2 2023-08-11 09:47:08 +02:00
Richard Körber af9f236f90
Control gzip compression via system property 2023-08-11 09:45:38 +02:00
Richard Körber b7d17f3fba
Link to sponsor sites 2023-08-11 09:12:30 +02:00
Mathias Loesch 0a45dcb4eb PebbleAcmeProvider: allow setting custom port w/o custom host 
Simplifies usage with testcontainers where the Pebble port in
the Docker container usually gets mapped to a random host port.
 2023-08-11 08:48:51 +02:00
Richard Körber 79c2ab7688
Minor documentation updates 2023-07-21 15:01:51 +02:00
Richard Körber d9894f42eb
Add support for draft-ietf-acme-ari-01 2023-05-20 16:53:18 +02:00
Richard Körber e8b83d6423
Automatically generate CSR in Order class 
With this change, it is not stricly required anymore to create the CSR
oneself. The Order class contains all information to generate a basic
CSR itself.
 2023-05-19 10:20:35 +02:00
Richard Körber e22b47f140
Create tls-alpn-01 cert in challenge class 2023-05-19 10:20:07 +02:00
Richard Körber 16b02efe23
Merge acme4j-utils into acme4j-client 
The separation of acme4j-client and acme4j-utils was a design decision
that should avoid BouncyCastle to be a hard dependency of acme4j-client.
Anyhow acme4j is not really usable without BouncyCastle, so acme4j-utils
is used in almost all projects anyway.

This merge allows to extend the client API with some nice methods that
will make it easier to use.
 2023-05-19 09:58:08 +02:00
Richard Körber 23906ff39c
Add AcmeNotSupportedException 
- Some Optional return values could only be empty if a method was
  invoked although the server did not support that feature. In order to
  keep the API simple, a newly introduced AcmeNotSupportedException is
  now thrown in that case, so these methods will immediately return a
  non-null value. There is always a method to check if a feature is
  available or not, so the invoker can check in advance and does not
  need to actively handle that exception.
- Some other places that previously threw an exception because of
  missing features, are now also throwing AcmeNotSupportedException for
  consistency.
 2023-05-06 17:31:12 +02:00
Richard Körber 1907545e5d
Review all @Nullable return values 
- Most methods now return an Optional instead of a null value
- Reviewed all Collection return values. They may now be empty, but
  never null.
 2023-05-06 17:27:36 +02:00
Richard Körber b0287d4d94
Accept gzip compression 2023-04-24 21:23:58 +02:00
Richard Körber 783fdde013
Use the java.net.http client 
With this patch, the old HttpURLConnection client is replaced with
the new java.net.http client that was introduced in Java 11.
 2023-04-24 21:16:07 +02:00
Richard Körber aeb68c0cb4
Remove deprecated methods 2023-04-23 13:13:27 +02:00
Richard Körber fdc0fb94f1
Require Java 11 or higher 2023-04-23 13:12:27 +02:00
Richard Körber 41d9855bc0
Bump to v3.0.0, adhere to SemVer 2023-04-23 08:44:21 +02:00
Richard Körber 3b4591884b
Extend FAQ 2023-04-21 12:52:49 +02:00