letsencrypt v1.4.0 Release Notes
Release Date: 2020-05-05 // about 4 years ago-
➕ Added
- 0️⃣ Turn off session tickets for apache plugin by default when appropriate.
- ➕ Added serial number of certificate to the output of
certbot certificates - 🔦 Expose two new environment variables in the authenticator and cleanup scripts used by
themanualplugin:CERTBOT_REMAINING_CHALLENGESis equal to the number of challenges
remaining after the current challenge,CERTBOT_ALL_DOMAINSis a comma-separated list
of all domains challenged for the current certificate. - ➕ Added TLS-ALPN-01 challenge support in the
acmelibrary. Support of this
🚀 challenge in the Certbot client is planned to be added in a future release. - ➕ Added minimal proxy support for OCSP verification.
- 🏁 On Windows, hooks are now executed in a Powershell shell instead of a CMD shell,
allowing both*.ps1and*.batas valid scripts for Certbot.
🔄 Changed
- Reorganized error message when a user entered an invalid email address.
- Stop asking interactively if the user would like to add a redirect.
- 📦
mockdependency is now conditional on Python 2 in all of our packages. - 🍎 Deprecate certbot-auto on Gentoo, macOS, and FreeBSD.
🛠 Fixed
- When using an RFC 8555 compliant endpoint, the
acmelibrary no longer sends the
resourcefield in any requests or thetypefield when responding to challenges. - 🛠 Fix nginx plugin crash when non-ASCII configuration file is being read (instead,
the user will be warned that UTF-8 must be used). - 🛠 Fix hanging OCSP queries during revocation checking - added a 10 second timeout.
- 0️⃣ Standalone servers now have a default socket timeout of 30 seconds, fixing
🔌 cases where an idle connection can cause the standalone plugin to hang. - 📜 Parsing of the RFC 8555 application/pem-certificate-chain now tolerates CRLF line
endings. This should fix interoperability with Buypass' services.
More details about these changes can be found on our GitHub repo.