aboutsummaryrefslogtreecommitdiffstats
path: root/core/certmanager.lua
Commit message (Expand)AuthorAgeFilesLines
* core: Prefix module imports with prosody namespaceKim Alvefur2023-03-171-5/+5
* Merge 0.12->trunkKim Alvefur2022-05-161-2/+2
|\
| * core.certmanager: Expand debug messages about cert lookups in indexKim Alvefur2022-05-161-2/+2
* | net: refactor sslconfig to not depend on LuaSecJonas Schäfer2022-04-021-1/+1
* | net: isolate LuaSec-specificsJonas Schäfer2022-04-271-33/+1
|/
* Merge config-updates+check-turn from timberMatthew Wild2022-03-041-13/+3
|\
| * core.certmanager: Turn soft dependency on LuaSec into a hardKim Alvefur2022-02-101-13/+3
* | core.certmanager: Ensure key exists for fullchainKim Alvefur2022-02-211-1/+1
|/
* core.certmanager: Relax certificate filename check #1713Kim Alvefur2022-02-141-8/+2
* core.certmanager: Use 'tls_profile' instead of 'tls_preset' to match document...Kim Alvefur2022-01-181-3/+3
* core.certmanager: Apply TLS preset before global settings (thanks Menel)Kim Alvefur2022-01-181-1/+1
* core.certmanager: Disable DANE name checks (not needed for XMPP)Kim Alvefur2021-09-161-1/+1
* core.certmanager: Add curveslist to 'old' Mozilla TLS presetKim Alvefur2021-12-261-1/+2
* core.certmanager: Check index for wildcard certsKim Alvefur2021-12-221-1/+2
* prosodyctl cert: use the indexing functions for better UXJonas Schäfer2021-12-211-6/+14
* core.certmanager: Rename preset option to 'tls_preset'Kim Alvefur2021-12-221-1/+1
* core.certmanager: Add "legacy" preset for keeping previous default settingsKim Alvefur2021-12-221-1/+3
* core.certmanager: Add TLS 1.3 cipher suites to Mozilla TLS presetsKim Alvefur2021-11-031-1/+7
* core.certmanager: Presets based on Mozilla SSL Configuration GeneratorKim Alvefur2019-12-221-0/+60
* core.certmanager: Support 'use_dane' setting to enable DANE supportKim Alvefur2021-07-181-0/+2
* core.certmanager: Skip service certificate lookup for https clientKim Alvefur2021-05-271-1/+2
* Merge 0.11->trunkMatthew Wild2021-05-131-9/+12
|\
| * certmanager: Disable renegotiation by defaultMatthew Wild2021-05-111-0/+2
| * core.certmanager: Test for SSL options in absence of LuaSec configKim Alvefur2021-04-261-5/+9
| * core.certmanager: Attempt to directly access LuaSec config tableKim Alvefur2021-04-261-1/+1
| * core.certmanager: Move EECDH ciphers before EDH in default cipherstring (fixe...Kim Alvefur2019-08-251-1/+1
* | core.certmanager: Catch error from lfsKim Alvefur2021-05-071-1/+11
* | core.certmanager: Resolve certs path relative to config dirKim Alvefur2021-05-071-3/+3
* | core.certmanager: Skip directly to guessing of key from cert filenameKim Alvefur2021-05-051-2/+17
* | core.certmanager: Join paths with OS-aware util.paths functionKim Alvefur2021-05-051-2/+3
* | core.certmanager: Build an index over certificatesKim Alvefur2021-04-101-0/+79
* | core.certmanager: Check for complete filenameKim Alvefur2021-04-101-1/+1
* | core.certmanager: Add comments explaining the 'verifyext' TLS settingsKim Alvefur2021-02-061-1/+4
* | core.certmanager: Add TODO about LuaSec issueKim Alvefur2020-06-071-0/+3
* | Merge 0.11->trunkKim Alvefur2020-04-101-6/+8
|\|
| * core.certmanager: Look for privkey.pem to go with fullchain.pem (fix #1526)Kim Alvefur2020-04-101-6/+8
* | core.portmanager: Fix TLS context inheritance for SNI hosts (completes SNI su...Kim Alvefur2019-11-291-0/+1
* | core.certmanager: Lower severity for tls config not having certKim Alvefur2019-09-071-2/+4
* | core.certmanager: Remove unused import [luacheck]Kim Alvefur2019-08-251-1/+0
* | Remove COMPAT with temporary luasec forkKim Alvefur2019-08-251-7/+0
* | core.certmanager: Move EECDH ciphers before EDH in default cipherstringKim Alvefur2019-08-251-1/+1
* | core.certmanager: Do not ask for client certificates by defaultKim Alvefur2019-03-101-1/+1
|/
* Merge 0.10->trunkKim Alvefur2018-05-251-1/+1
|\
| * core.certmanager: Allow all non-whitespace in service name (fixes #1019)Kim Alvefur2018-05-251-1/+1
* | vairious: Add annotation when an empty environment is set [luacheck]Kim Alvefur2018-02-281-0/+1
|/
* certmanager: Check for missing certificate before key in configuration (shoul...Kim Alvefur2017-12-281-1/+1
* certmanager: Set single curve conditioned on LuaSec advertising EC crypto sup...Kim Alvefur2017-11-201-1/+1
* certmanager: Filter out curves not supported by LuaSecKim Alvefur2017-11-201-0/+12
* certmanager: Change table representing LuaSec capabilities to match capabilit...Kim Alvefur2017-11-201-13/+20
* core.certmanager: Set a default curveslist [sic], fixes #879, #943, #951 if u...Kim Alvefur2017-09-271-0/+6