Certificate status monitor and PKI enrollment client
c68c5e7f21
- update to 0.79.2:
- update %%docs list because README is now README.md
- update to 0.79.1:
- update translations
- fix 'make archive' target
- update to 0.79:
- getcert now offers an option (-X) for requesting processing by a particular
CA if the server we're contacting is running more than one
- getcert also offers options (--for-ca, --not-for-ca, --ca-path-length) for
requesting BasicConstraints values
- getcert now displays times in local time instead of UTC, which was
previously the only way they were displayed; the --utc option can often be
used to switch back to its previous behavior
- the SCEP enrollment helper now correctly issues GetCACertChain requests to
SCEP servers, instead of issuing a GetCAChain request, which isn't part of
the protocol; from report by Jason Garland
- when issuing SCEP requests, the ID of the CA included in the HTTP request
is now URL-encoded, as it should be
- renewal or notification-of-impending-expiration logic is now triggered
closer to TTL thresholds rather than waiting for a periodic check to pass a
threshold
- properly builds with OpenSSL 1.1, thanks to Lukas Slebodnik and Tomas Mraz
for a lot of the legwork
- resync .spec file with Fedora
- upstream project migrated from fedorahosted.org to pagure.io
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
||
|---|---|---|
| .gitignore | ||
| certmonger.spec | ||
| sources | ||