b1e869e125
add key usage/extended key usage extensions
2024-10-04 23:20:20 +01:00
4942285f6d
x509 cert version 3
2024-10-04 23:08:19 +01:00
c4ea32ab1e
--sign-file signs a single CSR from command line then exits
2024-10-04 23:07:48 +01:00
f3960c6b76
add basicConstraints
2024-10-04 23:07:03 +01:00
cb84c20e73
fix pathnames in README
2024-10-04 18:48:28 +01:00
b52bdfc813
copy requested extensions to certificate
2024-10-04 18:14:48 +01:00
c70eefbf56
polish the README and remove my local config from it
2024-10-02 18:04:42 +01:00
7fb8e1142c
curl with our custom ca cert
2024-10-02 00:28:12 +01:00
3aa3bacae9
fiddle with ca cert gen options
...
this is because s6-tlsclient refused to connect with
Not a CA, or path length constraint violation. (BR_ERR_X509_NOT_CA)
error
2024-10-02 00:26:44 +01:00
cc3e695174
upate lusossl patch
2024-10-02 00:26:21 +01:00
0844177d51
more text, inclding actual reasons you shouldn't use it
2024-09-29 10:20:10 +01:00
a56a9ba013
handle CSRs with no attributes
2024-09-29 10:19:07 +01:00
e4410323cf
add error handler
2024-09-27 19:47:31 +01:00
d98f78db85
use https
2024-09-27 19:47:11 +01:00
42aa1d8f0a
improve method name, use ncall for server.listen
2024-09-26 22:14:45 +01:00
9ef1947211
check io.open return
2024-09-26 22:11:37 +01:00
ba3795e3f2
bind to address provided on command line
...
bonus: and print an error if we couldn't
2024-09-26 22:08:29 +01:00
32099b7541
parse command-line for options instead of hardcoding
...
note port is still hardcoded
2024-09-26 22:05:13 +01:00
e410cef1f4
inline not-found function
2024-09-26 21:34:37 +01:00
afd3088cee
matchng psk in example between client and expected
2024-09-25 21:40:01 +01:00
1a3e7918b2
add title
2024-09-25 21:34:27 +01:00
27f2718ec5
remove newline
2024-09-25 21:31:04 +01:00
db96baa96b
improve README
2024-09-25 21:30:55 +01:00
20fdd0aac6
add openssl in shell environment
2024-09-25 21:17:42 +01:00
fe98a413ee
implement policy-based signing
...
the csr will be signed iff it has a challengePassword attribute
containing a value matching the contents of the "psk" file
yeah, UX could use a little work
2024-09-25 21:14:13 +01:00
911faaa0ef
extract method send-error
2024-09-25 12:26:34 +01:00
ad29d9e100
extract method make-headers
2024-09-25 12:23:49 +01:00
ed53c967d7
improve README
2024-09-25 12:07:30 +01:00
8a7287d552
unhardcode the certificate serial number
2024-09-25 12:00:40 +01:00
6ddae21727
initial commit
2024-09-25 10:20:14 +01:00
