letsencrypt changelog

Changelog History

Page 4

• v0.30.1 Changes

  January 24, 2019

  🛠 Fixed

  • 📌 Always download the pinned version of pip in pipstrap to address breakages
  • 0️⃣ Rename old,default.conf to old-and-default.conf to address commas in filenames breaking recent versions of pip.
  • Add VIRTUALENV_NO_DOWNLOAD=1 to all calls to virtualenv to address breakages from venv downloading the latest pip

  🚀 Despite us having broken lockstep, we are continuing to release new versions of 🚀 all Certbot components during releases for the time being, however, the only 📦 package with changes other than its version number was:

  • certbot-apache

  More details about these changes can be found on our GitHub repo.

• v0.30.0 Changes

  January 02, 2019

  ➕ Added

  • ➕ Added the update_account subcommand for account management commands.

  🔄 Changed

  • Copied account management functionality from the register subcommand to the update_account subcommand.
  • ⚡️ Marked usage register --update-registration for deprecation and removal in a future release.

  🛠 Fixed

  • Older modules in the josepy library can now be accessed through acme.jose like it could in previous versions of acme. This is only done to preserve backwards compatibility and support for doing this with new modules in josepy will not be added. Users of the acme library should switch to using josepy directly if they haven't done so already.

  🚀 Despite us having broken lockstep, we are continuing to release new versions of 🚀 all Certbot components during releases for the time being, however, the only 📦 package with changes other than its version number was:

  • acme

  More details about these changes can be found on our GitHub repo.

• v0.29.1 Changes

  December 05, 2018

  ➕ Added

  *

  🔄 Changed

  *

  🛠 Fixed

  • 0️⃣ The default work and log directories have been changed back to /var/lib/letsencrypt and /var/log/letsencrypt respectively.

  🚀 Despite us having broken lockstep, we are continuing to release new versions of 🚀 all Certbot components during releases for the time being, however, the only 📦 package with changes other than its version number was:

  • certbot

  More details about these changes can be found on our GitHub repo.

• v0.29.0 Changes

  December 05, 2018

  ➕ Added

  • Noninteractive renewals with certbot renew (those not started from a terminal) now randomly sleep 1-480 seconds before beginning work in order to spread out load spikes on the server side.
  • ➕ Added External Account Binding support in cli and acme library. Command line arguments --eab-kid and --eab-hmac-key added.

  🔄 Changed

  • Private key permissioning changes: Renewal preserves existing group mode & gid of previous private key material. Private keys for new lineages (i.e. new certs, not renewed) default to 0o600.

  🛠 Fixed

  • ⚡️ Update code and dependencies to clean up Resource and Deprecation Warnings.
  • Only depend on imgconverter extension for Sphinx >= 1.6

  🚀 Despite us having broken lockstep, we are continuing to release new versions of 🚀 all Certbot components during releases for the time being, however, the only 📦 package with changes other than its version number was:

  • acme
  • certbot
  • certbot-apache
  • certbot-dns-cloudflare
  • certbot-dns-digitalocean
  • certbot-dns-google
  • certbot-nginx

  More details about these changes can be found on our GitHub repo: https://github.com/certbot/certbot/milestone/62?closed=1

• v0.28.0 Changes

  ➕ Added

  • revoke accepts --cert-name, and doesn't accept both --cert-name and --cert-path.
  • 👉 Use the ACMEv2 newNonce endpoint when a new nonce is needed, and newNonce is available in the directory.

  🔄 Changed

  • ✂ Removed documentation mentions of #letsencrypt IRC on Freenode.
  • Write README to the base of (config-dir)/live directory
  • --manual will explicitly warn users that earlier challenges should remain in place when setting up subsequent challenges.
  • 🗄 Warn when using deprecated acme.challenges.TLSSNI01
  • 🗄 Log warning about TLS-SNI deprecation in Certbot
  • 🔌 Stop preferring TLS-SNI in the Apache, Nginx, and standalone plugins
  • 🔌 OVH DNS plugin now relies on Lexicon>=2.7.14 to support HTTP proxies
  • 0️⃣ Default time the Linode plugin waits for DNS changes to propogate is now 1200 seconds.

  🛠 Fixed

  • ⚡️ Match Nginx parser update in allowing variable names to start with ${.
  • 🛠 Fix ranking of vhosts in Nginx so that all port-matching vhosts come first
  • ✅ Correct OVH integration tests on machines without internet access.
  • Stop caching the results of ipv6_info in http01.py
  • ✅ Test fix for Route53 plugin to prevent boto3 making outgoing connections.
  • ⚡️ The grammar used by Augeas parser in Apache plugin was updated to fix various parsing errors.
  • The CloudXNS, DNSimple, DNS Made Easy, Gehirn, Linode, LuaDNS, NS1, OVH, and Sakura Cloud DNS plugins are now compatible with Lexicon 3.0+.

  🚀 Despite us having broken lockstep, we are continuing to release new versions of 🚀 all Certbot components during releases for the time being, however, the only 📦 package with changes other than its version number was:

  • acme
  • certbot
  • certbot-apache
  • certbot-dns-cloudxns
  • certbot-dns-dnsimple
  • certbot-dns-dnsmadeeasy
  • certbot-dns-gehirn
  • certbot-dns-linode
  • certbot-dns-luadns
  • certbot-dns-nsone
  • certbot-dns-ovh
  • certbot-dns-route53
  • certbot-dns-sakuracloud
  • certbot-nginx

  More details about these changes can be found on our GitHub repo: https://github.com/certbot/certbot/milestone/59?closed=1

• v0.27.1 Changes

  September 06, 2018

  🛠 Fixed

  • 🛠 Fixed parameter name in OpenSUSE overrides for default parameters in the Apache plugin. Certbot on OpenSUSE works again.

  🚀 Despite us having broken lockstep, we are continuing to release new versions of 🚀 all Certbot components during releases for the time being, however, the only 📦 package with changes other than its version number was:

  • certbot-apache

  More details about these changes can be found on our GitHub repo: https://github.com/certbot/certbot/milestone/60?closed=1

• v0.27.0 Changes

  September 05, 2018

  ➕ Added

  • 🔌 The Apache plugin now accepts the parameter --apache-ctl which can be used to configure the path to the Apache control script.

  🔄 Changed

  • When using acme.client.ClientV2 (or acme.client.BackwardsCompatibleClientV2 with an ACME server that supports a newer version of the ACME protocol), an acme.errors.ConflictError will be raised if you try to create an ACME account with a key that has already been used. Previously, a JSON parsing error was raised in this scenario when using the library with Let's Encrypt's ACMEv2 endpoint.

  🛠 Fixed

  • 🔌 When Apache is not installed, Certbot's Apache plugin no longer prints messages about being unable to find apachectl to the terminal when the plugin is not selected.
  • 🔌 If you're using the Apache plugin with the --apache-vhost-root flag set to a directory containing a disabled virtual host for the domain you're requesting a certificate for, the virtual host will now be temporarily enabled if necessary to pass the HTTP challenge.
  • 📚 The documentation for the Certbot package can now be built using Sphinx 1.6+.
  • You can now call query_registration without having to first call new_account on acme.client.ClientV2 objects.
  • 🚚 The requirement of setuptools>=1.0 has been removed from certbot-dns-ovh.
  • ⚡️ Names in certbot-dns-sakuracloud's tests have been updated to refer to Sakura Cloud rather than NS1 whose plugin certbot-dns-sakuracloud was based on.

  🚀 Despite us having broken lockstep, we are continuing to release new versions of 🚀 all Certbot components during releases for the time being, however, the only 📦 package with changes other than its version number was:

  • acme
  • certbot
  • certbot-apache
  • certbot-dns-ovh
  • certbot-dns-sakuracloud

  More details about these changes can be found on our GitHub repo: https://github.com/certbot/certbot/milestone/57?closed=1

• v0.26.1 Changes

  July 17, 2018

  🛠 Fixed

  • 🛠 Fix a bug that was triggered when users who had previously manually set --server to get ACMEv2 certs tried to renew ACMEv1 certs.

  🚀 Despite us having broken lockstep, we are continuing to release new versions of all Certbot components during releases for the time being, however, the only package with changes other than its version number was:

  • certbot

  More details about these changes can be found on our GitHub repo: https://github.com/certbot/certbot/milestone/58?closed=1

• v0.26.0 Changes

  July 11, 2018

  ➕ Added

  • 🔒 A new security enhancement which we're calling AutoHSTS has been added to Certbot's Apache plugin. This enhancement configures your webserver to send a HTTP Strict Transport Security header with a low max-age value that is slowly increased over time. The max-age value is not increased to a large value until you've successfully managed to renew your certificate. This enhancement can be requested with the --auto-hsts flag.
  • 🆕 New official DNS plugins have been created for Gehirn Infrastracture Service, Linode, OVH, and Sakura Cloud. These plugins can be found on our Docker Hub page at https://hub.docker.com/u/certbot and on PyPI.
  • The ability to reuse ACME accounts from Let's Encrypt's ACMEv1 endpoint on Let's Encrypt's ACMEv2 endpoint has been added.
  • 👍 Certbot and its components now support Python 3.7.
  • Certbot's install subcommand now allows you to interactively choose which certificate to install from the list of certificates managed by Certbot.
  • Certbot now accepts the flag --no-autorenew which causes any obtained certificates to not be automatically renewed when it approaches expiration.
  • 👌 Support for parsing the TLS-ALPN-01 challenge has been added back to the acme library.

  🔄 Changed

  • 0️⃣ Certbot's default ACME server has been changed to Let's Encrypt's ACMEv2 endpoint. By default, this server will now be used for both new certificate lineages and renewals.
  • 🔌 The Nginx plugin is no longer marked labeled as an "Alpha" version.
  • 🔌 The prepare method of Certbot's plugins is no longer called before running "Updater" enhancements that are run on every invocation of certbot renew.

  🚀 Despite us having broken lockstep, we are continuing to release new versions of 🚀 all Certbot components during releases for the time being, however, the only 📦 packages with functional changes were:

  • acme
  • certbot
  • certbot-apache
  • certbot-dns-gehirn
  • certbot-dns-linode
  • certbot-dns-ovh
  • certbot-dns-sakuracloud
  • certbot-nginx

  More details about these changes can be found on our GitHub repo: https://github.com/certbot/certbot/milestone/55?closed=1

• v0.25.1 Changes

  June 13, 2018

  🛠 Fixed

  • 🚚 TLS-ALPN-01 support has been removed from our acme library. Using our current dependencies, we are unable to provide a correct implementation of this challenge so we decided to remove it from the library until we can provide proper support.
  • 📦 Issues causing test failures when running the tests in the acme package with pytest<3.0 has been resolved.
  • certbot-nginx now correctly depends on acme>=0.25.0.

  🚀 Despite us having broken lockstep, we are continuing to release new versions of 🚀 all Certbot components during releases for the time being, however, the only 📦 packages with changes other than their version number were:

  • acme
  • certbot-nginx

  More details about these changes can be found on our GitHub repo: https://github.com/certbot/certbot/milestone/56?closed=1

• « First
• ‹ Prev
• 1
• 2
• 3
• 4
• 5
• 6
• 7
• 8
• Next ›
• Last »