maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity
4,793 Commits 6 Branches 188 Tags
b118883013966ecbb2383ca98c1d3262ace2abd7
Commit Graph

40 Commits

Author SHA1 Message Date
Michael Kaufmann
d1d42f2055 allow setting path to acme.sh installation; fixes #1002 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2021-12-31 10:38:49 +01:00
Michael Kaufmann
86939a64da add buypass testing/staging ACME endpoint; create CAA entries accordingly if activated; refs #968 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2021-07-29 21:24:43 +02:00
Jens Meißner
926ce427fc Add Buypass to the list of ACME providers. (#968) 2021-07-29 21:15:49 +02:00
Michael Kaufmann
73991e855c Support ZeroSSL via acme.sh (v3); refs #946 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2021-06-27 09:00:44 +02:00
Michael Kaufmann
bc73ed0c75 adjust tls default value to tlsv1.2; refs #839 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2020-05-18 20:48:04 +02:00
Michael Kaufmann
78fc4f84b2 add optional dns validation for let's encrypt activated domains; fixes #817 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2020-04-14 10:28:33 +02:00
Michael Kaufmann
7f999302fa do not require enabled vhost-container for froxlor-vhost to change sslsessiontickets-setting 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2020-02-14 19:26:06 +01:00
Michael Kaufmann
3eb1718fe0 add option to disable SSL sessiontickets globally for older systems, fixes #784 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2019-12-31 12:27:35 +01:00
Michael Kaufmann
7dff46b63e set production Lets Encrypt endpoint as default in settings like the installation does; do nat-sorting only on username-related fields, fixes #765 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2019-12-05 07:52:11 +01:00
Michael Kaufmann
0d0e557715 force Let's Encrypt ACMEv2 API, fixed #728 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2019-10-11 18:17:05 +02:00
Michael Kaufmann
eb5ea51da1 add explicit tlsv1.3 ciphersuite setting (used for apache-only as of now) 2019-10-04 17:43:11 +02:00
Michael Kaufmann
1b968c885b remove old files from 0.9.x to avoid conflicts and errors; change mod_proxy-usage and ACMEv2 default values to true 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2019-09-15 10:28:19 +02:00
Michael Kaufmann
2273a11978 remove unneeded let's encrypt settings; self-update acme.sh only once a day 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2019-02-17 20:36:18 +01:00
Michael Kaufmann
5c36b79277 honor setting for let's encrypt key size if needed 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2019-02-17 19:47:51 +01:00
Michael Kaufmann
459cbcc0dd keep re-use old-key setting for Let's Encrypt 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2019-02-17 19:25:23 +01:00
Michael Kaufmann
73a059b318 usinng acme.sh for issuing Let's Encrypt certificates now; please test thoroughly; fixes #651 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2019-02-17 16:17:35 +01:00
Michael Kaufmann
7e39a7bc60 Revert "refactor global array" 
This reverts commit 370ccbdb74.
 2018-12-22 08:15:31 +01:00
Michael Kaufmann
370ccbdb74 refactor global array 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-21 20:51:44 +01:00
Michael Kaufmann
7c68fa7bd0 fixed a few functions I've missed 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-21 19:16:49 +01:00
Michael Kaufmann
2c893fef25 adjustments in settings-arrays 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
 2018-12-19 14:54:46 +01:00
quthla
090bdaaea8 Add TLSv1.3 2018-10-20 13:29:25 +02:00
Michael Kaufmann (d00p)
d8a3015303 put le acme version setting right above the CA setting, less confusing 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-27 11:50:34 +01:00
Michael Kaufmann (d00p)
4bcdfc0786 Added option to set the TLS protocol versions to be used in webservers 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-10 10:12:26 +01:00
Michael Kaufmann (d00p)
d40d1f30b6 make it a setting to switch between ACME v1 and v2 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2018-01-09 14:50:52 +01:00
Michael Kaufmann (d00p)
66a4309fe5 add setting to disable LE self-check; set version to 0.9.38.8 for maintenance/bugfix release 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2017-12-31 11:18:59 +01:00
Max Khon
3870cc1002 Add default value for apache24_ocsp_cache_path, otherwise saving 
SSL settings for !apache24 fails on apache24_ocsp_cache_path validation.
 2017-04-17 15:55:49 +07:00
Daniel Reichelt
ec1bd6e19a add OCSP stapling support for apache2 and nginx 2017-04-11 17:09:34 +02:00
Michael Kaufmann (d00p)
c00abc3b92 move froxlor hsts settings to 'froxlor vhost settings' to make clear it's only for froxlor anbd not a system-wide default for all domains; fix superfluous english text from german language file 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-11-27 11:40:33 +01:00
Michael Kaufmann (d00p)
301dadaa02 fix global hsts-includeSubdomain setting, thx to iam 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-11-27 10:46:50 +01:00
Michael Kaufmann (d00p)
4a3e02c1f0 add HSTS for domains (admin-side) and froxlor-vhost; fixes #1660 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-10-07 11:01:45 +02:00
Michael Kaufmann (d00p)
4229d8dda4 make path to acme.conf global alias file customizable 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-09-12 11:49:07 +02:00
Michael Kaufmann (d00p)
b8c2047379 try to implement ssl-redirect for froxlor-vhost; combine various settings that are froxlor-vhost related into its own category, fixes #1480 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-09-11 17:48:08 +02:00
Michael Kaufmann (d00p)
e4887362ec added let's encrypt for froxlor vhost - untested for now, testers are welcome 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-09-05 17:01:10 +02:00
Michael Kaufmann (d00p)
5789e9a8a4 re-add old IDNA class so we do not have to force the php-5.6 requirement for froxlor 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-06-19 18:59:44 +02:00
Michael Kaufmann (d00p)
604f37bd17 intriduce DB version (again) so we can keep release-version numbers while updating the database; added enable/disable switch for Let's Encrypt 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2016-03-07 13:47:22 +01:00
Florian Aders
e621e02f92 Allow selecting new keysize, fixes #1594 
Prepare database and cron for HSTS, refs #1593
Added option to re-use key and CSR for Let's Encrypt

Signed-off-by: Florian Aders <eleras@froxlor.org>
 2016-02-19 17:35:44 +01:00
Florian Aders
2472a52fed Make some Let's encrypt settings configurable 
Signed-off-by: Florian Aders <eleras@froxlor.org>
 2016-02-03 17:21:48 +01:00
Michael Kaufmann (d00p)
c3da264cfe change default ssl-cipher-list; minor changes in config-xmls, fixes #1541 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2015-07-08 16:04:18 +02:00
Michael Kaufmann (d00p)
6ac4b87a84 make ssl-cipher-list an option, fixes #1274 ; improve ssl-related language-strings; setting version to 0.9.30 for release 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-10-24 19:45:13 +02:00
Michael Kaufmann (d00p)
350e1b2d2d if empty string is allowed for file/folder in settings by definition, really allow empty string; fixes #1160 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
 2013-04-06 13:38:57 +02:00