aboutsummaryrefslogtreecommitdiffstats
path: root/core/certmanager.lua
Commit message (Expand)AuthorAgeFilesLines
* core.certmanager: Include ffdhe2048 from RFC 7919 as default DH paramKim Alvefur2024-07-121-1/+13
* core.certmanager: Handle dane context setting same way on reload as on initia...Kim Alvefur2023-11-041-1/+7
* core.certmanager: Tweak log level of message about SNI being requiredKim Alvefur2023-10-291-1/+1
* Merge 0.12->trunkKim Alvefur2023-10-271-1/+4
|\
| * core.certmanager: Validate that 'tls_profile' is one of the valid valuesKim Alvefur2023-10-271-1/+4
* | Merge 0.12->trunkKim Alvefur2023-07-101-1/+2
|\|
| * core.certmanager: Update Mozilla TLS config to version 5.7Kim Alvefur2023-07-091-1/+2
* | net.tls_luasec: Expose method for loading a certificateKim Alvefur2023-05-271-2/+1
* | net.certmanager: Move LuaSec feature detection to net.tls_luasecKim Alvefur2023-05-271-35/+12
* | core: Prefix module imports with prosody namespaceKim Alvefur2023-03-171-5/+5
* | Merge 0.12->trunkKim Alvefur2022-05-161-2/+2
|\|
| * core.certmanager: Expand debug messages about cert lookups in indexKim Alvefur2022-05-161-2/+2
* | net: refactor sslconfig to not depend on LuaSecJonas Schäfer2022-04-021-1/+1
* | net: isolate LuaSec-specificsJonas Schäfer2022-04-271-33/+1
|/
* Merge config-updates+check-turn from timberMatthew Wild2022-03-041-13/+3
|\
| * core.certmanager: Turn soft dependency on LuaSec into a hardKim Alvefur2022-02-101-13/+3
* | core.certmanager: Ensure key exists for fullchainKim Alvefur2022-02-211-1/+1
|/
* core.certmanager: Relax certificate filename check #1713Kim Alvefur2022-02-141-8/+2
* core.certmanager: Use 'tls_profile' instead of 'tls_preset' to match document...Kim Alvefur2022-01-181-3/+3
* core.certmanager: Apply TLS preset before global settings (thanks Menel)Kim Alvefur2022-01-181-1/+1
* core.certmanager: Disable DANE name checks (not needed for XMPP)Kim Alvefur2021-09-161-1/+1
* core.certmanager: Add curveslist to 'old' Mozilla TLS presetKim Alvefur2021-12-261-1/+2
* core.certmanager: Check index for wildcard certsKim Alvefur2021-12-221-1/+2
* prosodyctl cert: use the indexing functions for better UXJonas Schäfer2021-12-211-6/+14
* core.certmanager: Rename preset option to 'tls_preset'Kim Alvefur2021-12-221-1/+1
* core.certmanager: Add "legacy" preset for keeping previous default settingsKim Alvefur2021-12-221-1/+3
* core.certmanager: Add TLS 1.3 cipher suites to Mozilla TLS presetsKim Alvefur2021-11-031-1/+7
* core.certmanager: Presets based on Mozilla SSL Configuration GeneratorKim Alvefur2019-12-221-0/+60
* core.certmanager: Support 'use_dane' setting to enable DANE supportKim Alvefur2021-07-181-0/+2
* core.certmanager: Skip service certificate lookup for https clientKim Alvefur2021-05-271-1/+2
* Merge 0.11->trunkMatthew Wild2021-05-131-9/+12
|\
| * certmanager: Disable renegotiation by defaultMatthew Wild2021-05-111-0/+2
| * core.certmanager: Test for SSL options in absence of LuaSec configKim Alvefur2021-04-261-5/+9
| * core.certmanager: Attempt to directly access LuaSec config tableKim Alvefur2021-04-261-1/+1
| * core.certmanager: Move EECDH ciphers before EDH in default cipherstring (fixe...Kim Alvefur2019-08-251-1/+1
* | core.certmanager: Catch error from lfsKim Alvefur2021-05-071-1/+11
* | core.certmanager: Resolve certs path relative to config dirKim Alvefur2021-05-071-3/+3
* | core.certmanager: Skip directly to guessing of key from cert filenameKim Alvefur2021-05-051-2/+17
* | core.certmanager: Join paths with OS-aware util.paths functionKim Alvefur2021-05-051-2/+3
* | core.certmanager: Build an index over certificatesKim Alvefur2021-04-101-0/+79
* | core.certmanager: Check for complete filenameKim Alvefur2021-04-101-1/+1
* | core.certmanager: Add comments explaining the 'verifyext' TLS settingsKim Alvefur2021-02-061-1/+4
* | core.certmanager: Add TODO about LuaSec issueKim Alvefur2020-06-071-0/+3
* | Merge 0.11->trunkKim Alvefur2020-04-101-6/+8
|\|
| * core.certmanager: Look for privkey.pem to go with fullchain.pem (fix #1526)Kim Alvefur2020-04-101-6/+8
* | core.portmanager: Fix TLS context inheritance for SNI hosts (completes SNI su...Kim Alvefur2019-11-291-0/+1
* | core.certmanager: Lower severity for tls config not having certKim Alvefur2019-09-071-2/+4
* | core.certmanager: Remove unused import [luacheck]Kim Alvefur2019-08-251-1/+0
* | Remove COMPAT with temporary luasec forkKim Alvefur2019-08-251-7/+0
* | core.certmanager: Move EECDH ciphers before EDH in default cipherstringKim Alvefur2019-08-251-1/+1