Changelog History
Page 4
-
v0.30.1 Changes
January 24, 2019๐ Fixed
- ๐ Always download the pinned version of pip in pipstrap to address breakages
- 0๏ธโฃ Rename old,default.conf to old-and-default.conf to address commas in filenames breaking recent versions of pip.
- Add VIRTUALENV_NO_DOWNLOAD=1 to all calls to virtualenv to address breakages from venv downloading the latest pip
๐ Despite us having broken lockstep, we are continuing to release new versions of ๐ all Certbot components during releases for the time being, however, the only ๐ฆ package with changes other than its version number was:
- certbot-apache
More details about these changes can be found on our GitHub repo.
-
v0.30.0 Changes
January 02, 2019โ Added
- โ Added the
update_account
subcommand for account management commands.
๐ Changed
- Copied account management functionality from the
register
subcommand to theupdate_account
subcommand. - โก๏ธ Marked usage
register --update-registration
for deprecation and removal in a future release.
๐ Fixed
- Older modules in the josepy library can now be accessed through acme.jose like it could in previous versions of acme. This is only done to preserve backwards compatibility and support for doing this with new modules in josepy will not be added. Users of the acme library should switch to using josepy directly if they haven't done so already.
๐ Despite us having broken lockstep, we are continuing to release new versions of ๐ all Certbot components during releases for the time being, however, the only ๐ฆ package with changes other than its version number was:
- acme
More details about these changes can be found on our GitHub repo.
- โ Added the
-
v0.29.1 Changes
December 05, 2018โ Added
*
๐ Changed
*
๐ Fixed
- 0๏ธโฃ The default work and log directories have been changed back to /var/lib/letsencrypt and /var/log/letsencrypt respectively.
๐ Despite us having broken lockstep, we are continuing to release new versions of ๐ all Certbot components during releases for the time being, however, the only ๐ฆ package with changes other than its version number was:
- certbot
More details about these changes can be found on our GitHub repo.
-
v0.29.0 Changes
December 05, 2018โ Added
- Noninteractive renewals with
certbot renew
(those not started from a terminal) now randomly sleep 1-480 seconds before beginning work in order to spread out load spikes on the server side. - โ Added External Account Binding support in cli and acme library. Command line arguments --eab-kid and --eab-hmac-key added.
๐ Changed
- Private key permissioning changes: Renewal preserves existing group mode & gid of previous private key material. Private keys for new lineages (i.e. new certs, not renewed) default to 0o600.
๐ Fixed
- โก๏ธ Update code and dependencies to clean up Resource and Deprecation Warnings.
- Only depend on imgconverter extension for Sphinx >= 1.6
๐ Despite us having broken lockstep, we are continuing to release new versions of ๐ all Certbot components during releases for the time being, however, the only ๐ฆ package with changes other than its version number was:
- acme
- certbot
- certbot-apache
- certbot-dns-cloudflare
- certbot-dns-digitalocean
- certbot-dns-google
- certbot-nginx
More details about these changes can be found on our GitHub repo: https://github.com/certbot/certbot/milestone/62?closed=1
- Noninteractive renewals with
-
v0.28.0 Changes
โ Added
revoke
accepts--cert-name
, and doesn't accept both--cert-name
and--cert-path
.- ๐ Use the ACMEv2 newNonce endpoint when a new nonce is needed, and newNonce is available in the directory.
๐ Changed
- โ Removed documentation mentions of
#letsencrypt
IRC on Freenode. - Write README to the base of (config-dir)/live directory
--manual
will explicitly warn users that earlier challenges should remain in place when setting up subsequent challenges.- ๐ Warn when using deprecated acme.challenges.TLSSNI01
- ๐ Log warning about TLS-SNI deprecation in Certbot
- ๐ Stop preferring TLS-SNI in the Apache, Nginx, and standalone plugins
- ๐ OVH DNS plugin now relies on Lexicon>=2.7.14 to support HTTP proxies
- 0๏ธโฃ Default time the Linode plugin waits for DNS changes to propogate is now 1200 seconds.
๐ Fixed
- โก๏ธ Match Nginx parser update in allowing variable names to start with
${
. - ๐ Fix ranking of vhosts in Nginx so that all port-matching vhosts come first
- โ Correct OVH integration tests on machines without internet access.
- Stop caching the results of ipv6_info in http01.py
- โ Test fix for Route53 plugin to prevent boto3 making outgoing connections.
- โก๏ธ The grammar used by Augeas parser in Apache plugin was updated to fix various parsing errors.
- The CloudXNS, DNSimple, DNS Made Easy, Gehirn, Linode, LuaDNS, NS1, OVH, and Sakura Cloud DNS plugins are now compatible with Lexicon 3.0+.
๐ Despite us having broken lockstep, we are continuing to release new versions of ๐ all Certbot components during releases for the time being, however, the only ๐ฆ package with changes other than its version number was:
- acme
- certbot
- certbot-apache
- certbot-dns-cloudxns
- certbot-dns-dnsimple
- certbot-dns-dnsmadeeasy
- certbot-dns-gehirn
- certbot-dns-linode
- certbot-dns-luadns
- certbot-dns-nsone
- certbot-dns-ovh
- certbot-dns-route53
- certbot-dns-sakuracloud
- certbot-nginx
More details about these changes can be found on our GitHub repo: https://github.com/certbot/certbot/milestone/59?closed=1
-
v0.27.1 Changes
September 06, 2018๐ Fixed
- ๐ Fixed parameter name in OpenSUSE overrides for default parameters in the Apache plugin. Certbot on OpenSUSE works again.
๐ Despite us having broken lockstep, we are continuing to release new versions of ๐ all Certbot components during releases for the time being, however, the only ๐ฆ package with changes other than its version number was:
- certbot-apache
More details about these changes can be found on our GitHub repo: https://github.com/certbot/certbot/milestone/60?closed=1
-
v0.27.0 Changes
September 05, 2018โ Added
- ๐ The Apache plugin now accepts the parameter --apache-ctl which can be used to configure the path to the Apache control script.
๐ Changed
- When using
acme.client.ClientV2
(oracme.client.BackwardsCompatibleClientV2
with an ACME server that supports a newer version of the ACME protocol), anacme.errors.ConflictError
will be raised if you try to create an ACME account with a key that has already been used. Previously, a JSON parsing error was raised in this scenario when using the library with Let's Encrypt's ACMEv2 endpoint.
๐ Fixed
- ๐ When Apache is not installed, Certbot's Apache plugin no longer prints messages about being unable to find apachectl to the terminal when the plugin is not selected.
- ๐ If you're using the Apache plugin with the --apache-vhost-root flag set to a directory containing a disabled virtual host for the domain you're requesting a certificate for, the virtual host will now be temporarily enabled if necessary to pass the HTTP challenge.
- ๐ The documentation for the Certbot package can now be built using Sphinx 1.6+.
- You can now call
query_registration
without having to first callnew_account
onacme.client.ClientV2
objects. - ๐ The requirement of
setuptools>=1.0
has been removed fromcertbot-dns-ovh
. - โก๏ธ Names in certbot-dns-sakuracloud's tests have been updated to refer to Sakura Cloud rather than NS1 whose plugin certbot-dns-sakuracloud was based on.
๐ Despite us having broken lockstep, we are continuing to release new versions of ๐ all Certbot components during releases for the time being, however, the only ๐ฆ package with changes other than its version number was:
- acme
- certbot
- certbot-apache
- certbot-dns-ovh
- certbot-dns-sakuracloud
More details about these changes can be found on our GitHub repo: https://github.com/certbot/certbot/milestone/57?closed=1
-
v0.26.1 Changes
July 17, 2018๐ Fixed
- ๐ Fix a bug that was triggered when users who had previously manually set
--server
to get ACMEv2 certs tried to renew ACMEv1 certs.
๐ Despite us having broken lockstep, we are continuing to release new versions of all Certbot components during releases for the time being, however, the only package with changes other than its version number was:
- certbot
More details about these changes can be found on our GitHub repo: https://github.com/certbot/certbot/milestone/58?closed=1
- ๐ Fix a bug that was triggered when users who had previously manually set
-
v0.26.0 Changes
July 11, 2018โ Added
- ๐ A new security enhancement which we're calling AutoHSTS has been added to Certbot's Apache plugin. This enhancement configures your webserver to send a HTTP Strict Transport Security header with a low max-age value that is slowly increased over time. The max-age value is not increased to a large value until you've successfully managed to renew your certificate. This enhancement can be requested with the --auto-hsts flag.
- ๐ New official DNS plugins have been created for Gehirn Infrastracture Service, Linode, OVH, and Sakura Cloud. These plugins can be found on our Docker Hub page at https://hub.docker.com/u/certbot and on PyPI.
- The ability to reuse ACME accounts from Let's Encrypt's ACMEv1 endpoint on Let's Encrypt's ACMEv2 endpoint has been added.
- ๐ Certbot and its components now support Python 3.7.
- Certbot's install subcommand now allows you to interactively choose which certificate to install from the list of certificates managed by Certbot.
- Certbot now accepts the flag
--no-autorenew
which causes any obtained certificates to not be automatically renewed when it approaches expiration. - ๐ Support for parsing the TLS-ALPN-01 challenge has been added back to the acme library.
๐ Changed
- 0๏ธโฃ Certbot's default ACME server has been changed to Let's Encrypt's ACMEv2 endpoint. By default, this server will now be used for both new certificate lineages and renewals.
- ๐ The Nginx plugin is no longer marked labeled as an "Alpha" version.
- ๐ The
prepare
method of Certbot's plugins is no longer called before running "Updater" enhancements that are run on every invocation ofcertbot renew
.
๐ Despite us having broken lockstep, we are continuing to release new versions of ๐ all Certbot components during releases for the time being, however, the only ๐ฆ packages with functional changes were:
- acme
- certbot
- certbot-apache
- certbot-dns-gehirn
- certbot-dns-linode
- certbot-dns-ovh
- certbot-dns-sakuracloud
- certbot-nginx
More details about these changes can be found on our GitHub repo: https://github.com/certbot/certbot/milestone/55?closed=1
-
v0.25.1 Changes
June 13, 2018๐ Fixed
- ๐ TLS-ALPN-01 support has been removed from our acme library. Using our current dependencies, we are unable to provide a correct implementation of this challenge so we decided to remove it from the library until we can provide proper support.
- ๐ฆ Issues causing test failures when running the tests in the acme package with pytest<3.0 has been resolved.
- certbot-nginx now correctly depends on acme>=0.25.0.
๐ Despite us having broken lockstep, we are continuing to release new versions of ๐ all Certbot components during releases for the time being, however, the only ๐ฆ packages with changes other than their version number were:
- acme
- certbot-nginx
More details about these changes can be found on our GitHub repo: https://github.com/certbot/certbot/milestone/56?closed=1