certbot formerly letsencrypt client for Lets Encrypt Certificates
ATTENTION: Version 1.23.0 is the last version which can be use in Leap.
Version >= 1.24 need python3 >= 3.7
Certbot (previously, the Let's Encrypt client) is an easy-to-use automatic client that fetches and deploys
SSL/TLS certificates for your webserver.
Certbot was developed by EFF and others as a client for Let’s Encrypt and was previously known as
“the official Let’s Encrypt client” or “the Let’s Encrypt Python client.”
Certbot will also work with any other CAs that support the ACME protocol.
While there are many other clients that implement the ACME protocol to fetch certificates, Certbot is the
most extensive client and can automatically configure your webserver to start serving over HTTPS immediately.
For Apache, it can also optionally automate security tasks such as tuning ciphersuites and enabling important
security features such as HTTP → HTTPS redirects, OCSP stapling, HSTS, and upgrade-insecure-requests.
Certbot is part of EFF’s larger effort to encrypt the entire Internet. Websites need to use HTTPS to secure
the web. Along with HTTPS Everywhere, Certbot aims to build a network that is more structurally private,
safe, and protected against censorship.
-
1
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout home:ecsos:server/certbot && cd $_ - Create Badge
Source Files
| Filename | Size | Changed |
|---|---|---|
| README.SUSE | 0000001749 1.71 KB | |
| _link | 0000000130 130 Bytes | |
| certbot-cli.ini.patch | 0000001527 1.49 KB | |
| certbot-fix_constants.patch | 0000001105 1.08 KB | |
| certbot.changes | 0000022896 22.4 KB | |
| certbot.cron | 0000000949 949 Bytes | |
| certbot.rpmlintrc | 0000000153 153 Bytes | |
| certbot.spec | 0000015907 15.5 KB | |
| v0.26.0.tar.gz | 0001236499 1.18 MB |
Revision 123 (latest revision is 238)
Eric Schirra (ecsos)
committed
(revision 123)
- update to 0.26.0
* Added
- A new security enhancement which we're calling AutoHSTS has
been added to Certbot's Apache plugin. This enhancement
configures your webserver to send a HTTP Strict Transport
Security header with a low max-age value that is slowly
increased over time. The max-age value is not increased to
a large value until you've successfully managed to renew your
certificate.
This enhancement can be requested with the --auto-hsts flag.
- New official DNS plugins have been created for Gehirn
Infrastracture Service, Linode, OVH, and Sakura Cloud.
These plugins can be found on our Docker Hub page at
https://hub.docker.com/u/certbot and on PyPI.
- The ability to reuse ACME accounts from Let's Encrypt's
ACMEv1 endpoint on Let's Encrypt's ACMEv2 endpoint has been
added.
- Certbot and its components now support Python 3.7.
- Certbot's install subcommand now allows you to interactively
choose which certificate to install from the list of
certificates managed by Certbot.
- Certbot now accepts the flag --no-autorenew which causes any
obtained certificates to not be automatically renewed when it
approaches expiration.
- Support for parsing the TLS-ALPN-01 challenge has been added
back to the acme library.
* Changed
- Certbot's default ACME server has been changed to
Let's Encrypt's ACMEv2 endpoint. By default, this server
will now be used for both new certificate lineages and
Comments 2
Does it make sense to use systemd instead of cron? It will be easier to enable/disable in YaST and monitor errors.
I am not a friend of systemd. And certainly not from systemd cron. Sorry.