Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Command revoke: Do not remove duplicate certificate by serial #1177

Merged
merged 4 commits into from
Jun 27, 2024
Merged

Command revoke: Do not remove duplicate certificate by serial #1177

merged 4 commits into from
Jun 27, 2024

Commits on Jun 26, 2024

  1. Command revoke: Do not remove duplicate certificate by serial 

    Signed-off-by: Richard T Bonhomme <[email protected]>
    @TinCanTech
    TinCanTech committed Jun 26, 2024
    Configuration menu
    Copy the full SHA
    3da7f66 View commit details
    Browse the repository at this point in the history

  2. Command revoke: Conditionally move request and key files 

    For 'revoke',  always move the req/key files.
It is assumed that revoking an issued cert implies that renewal
is not desired.

For 'revoke-expired' and 'revoke-renewed', never move the req/key files.
It is assumed that revoking an expired or renewed cert implies that
renewal is desired.

Signed-off-by: Richard T Bonhomme <[email protected]>
    @TinCanTech
    TinCanTech committed Jun 26, 2024
    Configuration menu
    Copy the full SHA
    4537ae7 View commit details
    Browse the repository at this point in the history

Commits on Jun 27, 2024

  1. Command gen-req: Always check for an existing request file 

    Signed-off-by: Richard T Bonhomme <[email protected]>
    @TinCanTech
    TinCanTech committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    7eab98e View commit details
    Browse the repository at this point in the history

  2. ChangeLog: Command revoke/revoke-expired/-renewed: Old file removal 

    revoke: Always remove old req/key files.
It is assumed that revoking an issued certificate does not require
subsequesnt renewal.

revoke-expired/revoke-renewed: Never remove old req/key files.
It is assumed that revoking an expired or renewed certificate does
require subsequent renewal.

Never remove the duplicate certificate by serial, this file must
always be unique, so it does not need to be removed.
This also allows status reports to have simple access to all signed
certificates, regardless of status.

Signed-off-by: Richard T Bonhomme <[email protected]>
    @TinCanTech
    TinCanTech committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    d6c5e52 View commit details
    Browse the repository at this point in the history