Checkout Tools
  • last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Merged /httpd/httpd/trunk:r1864425

* mod_md: assigning APLOGNO(), silencing compiler warnings

  1. … 4 more files in changeset.
Merge of r1863635 from trunk:

*) md_crypt: Wrap get_ct_scts_nid(void) definition to avoid unused function error

when building in maintainer mode. [jim]

  1. … 2 more files in changeset.
Merged /httpd/httpd/trunk:r1861448,1862013,1862041,1862052,1862785

*) mod_md: new features

- supports the ACMEv2 protocol

- new challenge method 'tls-alpn-01' implemented, needs mod_ssl patch to become available

- supports command configuration to setup/teardown 'dns-01' challenges

- supports wildcard certificates when dns challenges are configured

- ACMEv2 is the new default and will be used on the next certificate renewal,

unless another MDCertificateAuthority is configured

- challenge type 'tls-sni-01' has been removed as CAs do not offer this any longer

- a domain exposes its status at https://<domain>/.httpd/certificate-status

- Managed Domains are now in Apache's 'server-status' page

- A new handler 'md-status' exposes verbose status information in JSON format

- new directives "MDCertificateFile" and "MDCertificateKeyFile" to configure a

Managed Domain that uses static files. Auto-renewal is turned off for those.

- new MDMessageCmd that is invoked on several events: 'renewed', 'expiring' and

'errored'. New 'MDWarnWindow' directive to configure when expiration warnings

shall be issued.

- ACMEv2 endpoints use the GET via empty POST way of accessing resources, see

announcement by Let's Encrypt:

https://community.letsencrypt.org/t/acme-v2-scheduled-deprecation-of-unauthenticated-resource-gets/74380

  1. … 53 more files in changeset.
On the 2.4.x branch:

merge r1836095 from trunk:

* using the, hopefully correct, ever elusive libressl version numbering check for the new openssl API calls, fixes PR 62548.

  1. … 1 more file in changeset.
On the 2.4.x branch:

backport of current mod_md version and documentation.

  1. … 6 more files in changeset.
Merge r1826973 from trunk:

mod_md: Fix compilation with OpenSSL before version 1.0.2.

Symbol ASN1_TIME_diff is only available for 1.0.2+,

but luckily alternative code we can use is already

available, originally written for the LibreSSL case.

Submitted by: rjung

Reviewed by: rjung, ylavic, jim

  1. … 3 more files in changeset.
On the 2.4.x branch:

mod_md: merged copyright de-advertisements.

  1. … 37 more files in changeset.