Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-09-24 | tls/acme: Ability to customize trusted roots for ACME servers (#2756) | Matt Holt | |
Closes #2702 | |||
2019-09-17 | tls: Clean up expired OCSP staples and certificates | Matthew Holt | |
2019-09-14 | Eliminate some TODOs | Matthew Holt | |
2019-09-13 | http: Consider wildcards when evaluating automatic HTTPS | Matthew Holt | |
2019-09-12 | tls: Do away with SetDefaults which did nothing useful | Matthew Holt | |
CertMagic uses the same defaults for us | |||
2019-09-12 | go.mod: Use lego v3 and CertMagic 0.7.0 | Matthew Holt | |
2019-09-11 | tls: Remove support for TLS 1.0 and TLS 1.1 | Matthew Holt | |
2019-09-11 | tls: Use Let's Encrypt production endpoint | Matthew Holt | |
We're done testing this in staging | |||
2019-09-10 | Require Go 1.13; use Go 1.13's default support for TLS 1.3 | Matthew Holt | |
2019-09-03 | Initial implementation of TLS client authentication (#2731) | Alexandre Stein | |
* Add support for client TLS authentication Signed-off-by: Alexandre Stein <alexandre_stein@interlab-net.com> * make and use client authentication struct * force StrictSNIHost if TLSConnPolicies is not empty * Implement leafs verification * Fixes issue when using multiple verification * applies the comments from maintainers * Apply comment * Refactor/cleanup initial TLS client auth implementation | |||
2019-08-21 | Refactor Caddyfile adapter and module registration | Matthew Holt | |
Use piles from which to draw config values. Module values can return their name, so now we can do two-way mapping from value to name and name to value; whereas before we could only map name to value. This was problematic with the Caddyfile adapter since it receives values and needs to know the name to put in the config. | |||
2019-08-09 | Implement config adapters and beginning of Caddyfile adapter | Matthew Holt | |
Along with several other changes, such as renaming caddyhttp.ServerRoute to caddyhttp.Route, exporting some types that were not exported before, and tweaking the caddytls TLS values to be more consistent. Notably, we also now disable automatic cert management for names which already have a cert (manually) loaded into the cache. These names no longer need to be specified in the "skip_certificates" field of the automatic HTTPS config, because they will be skipped automatically. | |||
2019-07-18 | tls: Use IANA-standard cipher suite names | Matthew Holt | |
2019-07-18 | Fix DNS provider module unmarshaling (closes #2676) | Matthew Holt | |
2019-07-05 | acmemanager: Use storage module key "module" instead of "system" | Matthew Holt | |
2019-07-02 | go.mod: Append /v2 to module name; update all import paths | Matthew Holt | |
See https://github.com/golang/go/wiki/Modules#semantic-import-versioning | |||
2019-07-01 | tls: Enable TLS 1.3 by default; set sane defaults on tls.Config structs | Matthew Holt | |
2019-06-30 | Add license | Matthew Holt | |
2019-06-26 | Optionally enforce strict TLS SNI + HTTP Host matching, & misc. cleanup | Matthew Holt | |
We should look into a way to enable this by default when TLS client auth is configured for a server | |||
2019-06-24 | caddytls: Support tags for manually-loaded certificates | Matthew Holt | |
2019-06-21 | Oops | Matthew Holt | |
2019-06-20 | tls: Improve (and fix) on-demand configuration | Matthew Holt | |
2019-06-18 | Implement templates handler; various minor cleanups and bug fixes | Matthew Holt | |
2019-06-14 | Rename caddy2 -> caddy | Matthew Holt | |
Removes the version from the package name | |||
2019-06-04 | Fix bugs related to auto HTTPS and alternate port configurations | Matthew Holt | |
2019-06-04 | Change import paths to GitHub package names | Matthew Holt | |
2019-06-03 | Customize admin endpoint address with -listen flag | Matthew Holt | |
This is a temporary holdover for development purposes | |||
2019-05-29 | Implement session ticket keys; default STEK module with rotation | Matthew Holt | |
2019-05-28 | Minor cleanups | Matthew Holt | |
2019-05-27 | Separate out certificate selection | Matthew Holt | |
2019-05-24 | Implement custom cert selection policies; optimize matching for SNI | Matthew Holt | |
2019-05-21 | Honor the configured CA value | Matthew Holt | |
2019-05-21 | Module.New() does not need to return an error | Matthew Holt | |
2019-05-16 | Architectural shift to using context for config and module state | Matthew Holt | |
2019-05-14 | Rename and export some types, other minor changes | Matthew Holt | |
2019-05-07 | Remove (unimplemented) enterprise TLS matchers | Matthew Holt | |
2019-04-29 | Instantiate apps that are needed but not explicitly configured | Matthew Holt | |
2019-04-26 | General cleanup and more godocs | Matthew Holt | |
2019-04-25 | Initial commit of Storage, TLS, and automatic HTTPS implementations | Matthew Holt | |