diff options
| author | Stefan Eissing <icing@apache.org> | 2019-06-24 18:04:32 +0200 |
|---|---|---|
| committer | Stefan Eissing <icing@apache.org> | 2019-06-24 18:04:32 +0200 |
| commit | 2498e69562bf086ad2a9f05292a988d75fbd3aa3 (patch) | |
| tree | 73c8bfa40cee8bb41fb0ee0db9a18cfd47e8201f /modules/md/mod_md_drive.h | |
| parent | mod_ssl: use OPENSSL_init_ssl() to initialise OpenSSL on versions 1.1+. (diff) | |
| download | apache2-2498e69562bf086ad2a9f05292a988d75fbd3aa3.tar.xz apache2-2498e69562bf086ad2a9f05292a988d75fbd3aa3.zip | |
*) mod_md: bringing over v2.0.6 from github.
- supports the ACMEv2 protocol
- supports the new challenge method 'tls-alpn-01'
- supports command configuration to setup/teardown 'dns-01' challenges
- supports wildcard certificates when dns challenges are configured
- ACMEv2 is the new default and will be used on the next certificate renewal,
unless another MDCertificateAuthority is configured
- challenge type 'tls-sni-01' has been removed as CAs do not offer this any longer
- a domain exposes its status at https://<domain>/.httpd/certificate-status
- Managed Domains are now in Apache's 'server-status' page
- A new handler 'md-status' exposes verbose status information in JSON format
- new directives "MDCertificateFile" and "MDCertificateKeyFile" to configure a
Managed Domain that uses static files. Auto-renewal is turned off for those.
- new MDMessageCmd that is invoked on several events: 'renewed', 'expiring' and
'errored'. New 'MDWarnWindow' directive to configure when expiration warnings
shall be issued.
- ACMEv2 endpoints use the GET via empty POST way of accessing resources, see
announcement by Let's Encrypt:
https://community.letsencrypt.org/t/acme-v2-scheduled-deprecation-of-unauthenticated-resource-gets/74380
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1862013 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'modules/md/mod_md_drive.h')
| -rw-r--r-- | modules/md/mod_md_drive.h | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/modules/md/mod_md_drive.h b/modules/md/mod_md_drive.h new file mode 100644 index 0000000000..be158674c6 --- /dev/null +++ b/modules/md/mod_md_drive.h @@ -0,0 +1,35 @@ +/* Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef mod_md_md_drive_h +#define mod_md_md_drive_h + +struct md_mod_conf_t; +struct md_reg_t; + +typedef struct md_drive_ctx md_drive_ctx; + +int md_will_renew_cert(const md_t *md); + +/** + * Start driving the certificate procotol for the domains mentioned in mc->watched_names. + */ +apr_status_t md_start_watching(struct md_mod_conf_t *mc, server_rec *s, apr_pool_t *p); + + + + +#endif /* mod_md_md_drive_h */ |