Releases: opensciencegrid/osg-pki-tools
v3.2.3
v3.2.2
v3.2.1
v3.2.0
Updated osg-incommon-cert-request as follows:
- Change -f/--hostfile to -F/--hostfile
- Change -T/--test to -t/--test
- Switch argparsing to ArgumentParser
- Validate if filepath exists and can be read at the ArgumentParser
- Stop wrapping text messages
- Include the program name in error messages
- Show message per certificate when request or retrieval fails
- Increased the number of retries for certificate retrieval
v3.1.1
- Rename request.py to cert_request.py
- Move common crypto code to cert_utils.py
- Change permissions on generated keys to 644
- Make -k and -c required in osg-incommon-cert-request, with no default
- Expand tildes in --cert= and --key= osg-incommon-cert-request options
- Immediately fail osg-incommon-cert-request if InCommon authentication fails
v3.1.0
Added osg-incommon-cert-request
, which can be used to request and retrieve host or service certificates from the InCommon CA. It requires a user account with InCommon authorized to use the remote API, and a user certificate and key issued by InCommon that is authorized to create host certificates for that account.
v3.0.1
Fixed bug where osg-cert-request did not accept multi-word state/province names (SOFTWARE-3591)
v3.0.0
A major rewrite of the osg-pki-tools due to the retirement of OIM and the OSG CA (https://opensciencegrid.org/technology/policy/service-migrations-spring-2018/). 3.0.0 only contains osg-cert-request
, which now generates certificate signing request (CSR) and private key pairs. The intention is that admins will generate CSRs to request InCommon host certificates (https://opensciencegrid.org/docs/security/host-certs/#requesting-incommon-host-certificates).
JIRA tickets addressed in this version:
- Add an option to request CSRs SOFTWARE-3228
v2.1.4
v2.1.3
- Fix osg-user-cert-renew when called without cert and key options SOFTWARE-3061