summaryrefslogtreecommitdiffstats
path: root/certs
Commit message (Expand)AuthorAgeFiles
* Remove trailing spaces.Guilhem Moulin2018-12-051
* DKIM: also include the "d=" tag in key filenames, not only the "s=" tag.Guilhem Moulin2018-12-053
* Upgrade DKIM keys to rsa2048, and allow for multiple keys.Guilhem Moulin2018-12-043
* gencerts: Also show the algorithm for SSH host keys.Guilhem Moulin2018-12-031
* Define new host "calima" serving Nextcloud.Guilhem Moulin2018-12-035
* ssh_known_hosts: also list ed25519 host (pub)keys.Guilhem Moulin2018-12-031
* certs/gencerts.sh: wibbleGuilhem Moulin2018-12-031
* Rotate civett's IPsec's key.Guilhem Moulin2017-05-292
* Change civett's CNAME from civett.friprogramvarusyndikatet.se to civett.fripo...Guilhem Moulin2017-05-141
* HPKP: increase max-mage directive to 6 months from 1 hour.Guilhem Moulin2016-09-181
* gencerts: improve workning: s/pubkey/SPKI/Guilhem Moulin2016-09-181
* Improve certs formatting.Guilhem Moulin2016-07-121
* gencerts: Print the SHA1 digests in hex not base64 format.Guilhem Moulin2016-07-121
* typoGuilhem Moulin2016-07-121
* typoGuilhem Moulin2016-07-121
* gencerts: make the SSHFPR output match the X509 ones.Guilhem Moulin2016-07-121
* gencerts: Include SAN for the website and webmail.Guilhem Moulin2016-07-121
* gencerts: base64-encode the SHA256 digests.Guilhem Moulin2016-07-121
* nginx: Don't hard-code the HPKP headers.Guilhem Moulin2016-07-125
* gencerts: exclude expired certs in the CRT queries.Guilhem Moulin2016-07-101
* Route all internal SMTP traffic through IPsec.Guilhem Moulin2016-07-107
* Change the pubkey extension from .pem to .pub.Guilhem Moulin2016-07-109
* typoGuilhem Moulin2016-06-151
* crt.sh: Replace SHA1 by SHA256 as SPKI digest to list certificates.Guilhem Moulin2016-06-151
* certs/public: fetch each cert's pubkey (SPKI), not the cert itself.Guilhem Moulin2016-06-159
* Renew cert for https://lists.fripost.org.Guilhem Moulin2016-05-281
* IPSec: replace (self-signed) X.509 certs by their raw pubkey for authentication.Guilhem Moulin2016-05-246
* Restore the public part of Bacula's data encryption master key.Guilhem Moulin2016-05-231
* Remove CAcert certificates.Guilhem Moulin2016-05-222
* gencerts: improve formatting.Guilhem Moulin2016-05-221
* Tunnel bacula (dir → {fd,sd} and fd → sd) traffic through IPSec.Guilhem Moulin2016-05-229
* Tunnel munin-update traffic through IPSec.Guilhem Moulin2016-05-226
* Set up IPSec tunnels between each pair of hosts.Guilhem Moulin2016-05-226
* Add an ansible module 'fetch_cmd' to fetch the output of a remote command loc...Guilhem Moulin2016-05-188
* Renew imap.fripost.org:993 and smtp.fripost.org:587 X.509 certificates.Guilhem Moulin2016-05-184
* Set a HPKP on the webmail, website/wiki/git and list manager.Guilhem Moulin2016-04-014
* gencerts.sh: typoGuilhem Moulin2016-03-281
* gencerts.sh: improve formatting.Guilhem Moulin2016-03-281
* Replace LE's X1 intermediate CA with X3 since the latter has better support f...Guilhem Moulin2016-03-281
* Reissue certs on civett and elefant since LE's X3 intermediate CA has better ...Guilhem Moulin2016-03-275
* Let's Encrypt: Only reload (as opposed to restart) postfix/nginx after renewi...Guilhem Moulin2016-03-053
* Let's EncryptGuilhem Moulin2016-03-028
* Improve gencert.shGuilhem Moulin2015-12-201
* Use the Let's Encrypt CA for our public certs.Guilhem Moulin2015-12-2011
* Change Postfix certs from ECDSA to RSA 4096.Guilhem Moulin2015-12-034
* wibbleGuilhem Moulin2015-12-031
* Add script to automatically generate the fingerprint list.Guilhem Moulin2015-12-031
* Add 'git.fripost.org' to the SSH known_hosts file.Guilhem Moulin2015-12-031
* Automatically fetch X.509 certificates, and add them to git.Guilhem Moulin2015-12-039
* Add SSH host keys to git.Guilhem Moulin2015-12-021