certbot formerly letsencrypt client for Lets Encrypt Certificates
ATTENTION: Version 1.23.0 is the last version which can be use in Leap.
Version >= 1.24 need python3 >= 3.7
Certbot (previously, the Let's Encrypt client) is an easy-to-use automatic client that fetches and deploys
SSL/TLS certificates for your webserver.
Certbot was developed by EFF and others as a client for Let’s Encrypt and was previously known as
“the official Let’s Encrypt client” or “the Let’s Encrypt Python client.”
Certbot will also work with any other CAs that support the ACME protocol.
While there are many other clients that implement the ACME protocol to fetch certificates, Certbot is the
most extensive client and can automatically configure your webserver to start serving over HTTPS immediately.
For Apache, it can also optionally automate security tasks such as tuning ciphersuites and enabling important
security features such as HTTP → HTTPS redirects, OCSP stapling, HSTS, and upgrade-insecure-requests.
Certbot is part of EFF’s larger effort to encrypt the entire Internet. Websites need to use HTTPS to secure
the web. Along with HTTPS Everywhere, Certbot aims to build a network that is more structurally private,
safe, and protected against censorship.
-
1
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout home:ecsos:server/certbot && cd $_ - Create Badge
Source Files
| Filename | Size | Changed |
|---|---|---|
| README.SUSE | 0000001749 1.71 KB | |
| certbot-cli.ini.patch | 0000001527 1.49 KB | |
| certbot-fix_constants.patch | 0000001105 1.08 KB | |
| certbot.changes | 0000028451 27.8 KB | |
| certbot.cron | 0000000949 949 Bytes | |
| certbot.rpmlintrc | 0000000153 153 Bytes | |
| certbot.spec | 0000018071 17.6 KB | |
| v0.28.0.tar.gz | 0001253582 1.2 MB |
Revision 136 (latest revision is 238)
Eric Schirra (ecsos)
committed
(revision 136)
- update to 0.28.0
* Added
- revoke accepts --cert-name, and doesn't accept both
--cert-name and --cert-path.
- Use the ACMEv2 newNonce endpoint when a new nonce is needed,
and newNonce is available in the directory.
* Changed
- Removed documentation mentions of #letsencrypt IRC on
Freenode.
- Write README to the base of (config-dir)/live directory
- --manual will explicitly warn users that earlier challenges
should remain in place when setting up subsequent challenges.
- Warn when using deprecated acme.challenges.TLSSNI01
- Log warning about TLS-SNI deprecation in Certbot
- Stop preferring TLS-SNI in the Apache, Nginx, and standalone
plugins
- OVH DNS plugin now relies on Lexicon>=2.7.14 to support HTTP
proxies
- Default time the Linode plugin waits for DNS changes to
propogate is now 1200 seconds.
* Fixed
- Match Nginx parser update in allowing variable names to start
with ${.
- Fix ranking of vhosts in Nginx so that all port-matching
vhosts come first
- Correct OVH integration tests on machines without internet
access.
- Stop caching the results of ipv6_info in http01.py
- Test fix for Route53 plugin to prevent boto3 making outgoing
connections.
Comments 2
Does it make sense to use systemd instead of cron? It will be easier to enable/disable in YaST and monitor errors.
I am not a friend of systemd. And certainly not from systemd cron. Sorry.