letsencrypt v1.6.0 Release Notes
Release Date: 2020-07-07 // over 3 years ago-
โ Added
- Certbot snaps are now available for the arm64 and armhf architectures.
- โ Add minimal code to run Nginx plugin on NetBSD.
- ๐ Make Certbot snap find externally snapped plugins
- Function
certbot.compat.filesystem.umask
is a drop-in replacement foros.umask
๐ implementing umask for both UNIX and Windows systems. - ๐ Support for alternative certificate chains in the
acme
module. - โ Added
--preferred-chain <issuer CN>
. If a CA offers multiple certificate chains,
it may be used to indicate to Certbot which chain should be preferred.- e.g.
--preferred-chain "DST Root CA X3"
- e.g.
๐ Changed
- ๐ Allow session tickets to be disabled in Apache when mod_ssl is statically linked.
- โ Generalize UI warning message on renewal rate limits
- ๐ Certbot behaves similarly on Windows to on UNIX systems regarding umask, and
0๏ธโฃ the umask022
is applied by default: all files/directories are not writable by anyone
other than the user running Certbot and the system/admin users. - Read acmev1 Let's Encrypt server URL from renewal config as acmev2 URL to prepare
๐ for impending acmev1 deprecation.
๐ Fixed
- Cloudflare API Tokens may now be restricted to individual zones.
- Don't use
StrictVersion
, butLooseVersion
to check version requirements with setuptools,
to fix some packaging issues with libraries respecting PEP404 for version string,
with doesn't matchStrictVersion
requirements. - Certbot output doesn't refer to SSL Labs due to confusing scoring behavior.
- ๐ Fix paths when calling to programs outside of the Certbot Snap, fixing the apache and nginx
๐ plugins on, e.g., CentOS 7.
More details about these changes can be found on our GitHub repo.