certbot formerly letsencrypt client for Lets Encrypt Certificates
ATTENTION: Version 1.23.0 is the last version which can be use in Leap.
Version >= 1.24 need python3 >= 3.7
Certbot (previously, the Let's Encrypt client) is an easy-to-use automatic client that fetches and deploys
SSL/TLS certificates for your webserver.
Certbot was developed by EFF and others as a client for Let’s Encrypt and was previously known as
“the official Let’s Encrypt client” or “the Let’s Encrypt Python client.”
Certbot will also work with any other CAs that support the ACME protocol.
While there are many other clients that implement the ACME protocol to fetch certificates, Certbot is the
most extensive client and can automatically configure your webserver to start serving over HTTPS immediately.
For Apache, it can also optionally automate security tasks such as tuning ciphersuites and enabling important
security features such as HTTP → HTTPS redirects, OCSP stapling, HSTS, and upgrade-insecure-requests.
Certbot is part of EFF’s larger effort to encrypt the entire Internet. Websites need to use HTTPS to secure
the web. Along with HTTPS Everywhere, Certbot aims to build a network that is more structurally private,
safe, and protected against censorship.
-
1
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout home:ecsos:server/certbot && cd $_ - Create Badge
Source Files
| Filename | Size | Changed |
|---|---|---|
| README.SUSE | 0000001749 1.71 KB | |
| certbot-cli.ini.patch | 0000001527 1.49 KB | |
| certbot-fix_constants.patch | 0000002992 2.92 KB | |
| certbot.changes | 0000029860 29.2 KB | |
| certbot.cron | 0000000949 949 Bytes | |
| certbot.rpmlintrc | 0000000153 153 Bytes | |
| certbot.spec | 0000018072 17.6 KB | |
| v0.29.1.tar.gz | 0001265252 1.21 MB |
Revision 138 (latest revision is 238)
Eric Schirra (ecsos)
committed
(revision 138)
- update to 0.29.1
- changes from 0.29.0
* Added
- Noninteractive renewals with certbot renew (those not started
from a terminal) now randomly sleep 1-480 seconds before
beginning work in order to spread out load spikes on the
server side.
- Added External Account Binding support in cli and acme
library. Command line arguments --eab-kid and --eab-hmac-key
added.
* Changed
- Private key permissioning changes: Renewal preserves existing
group mode & gid of previous private key material. Private
keys for new lineages (i.e. new certs, not renewed) default
to 0o600.
* Fixed
- Update code and dependencies to clean up Resource and
Deprecation Warnings.
- Only depend on imgconverter extension for Sphinx >= 1.6
Despite us having broken lockstep, we are continuing to release
new versions of all Certbot components during releases for the
time being, however, the only package with changes other than
its version number was:
acme
certbot
certbot-apache
certbot-dns-cloudflare
certbot-dns-digitalocean
certbot-dns-google
certbot-nginx
Comments 2
Does it make sense to use systemd instead of cron? It will be easier to enable/disable in YaST and monitor errors.
I am not a friend of systemd. And certainly not from systemd cron. Sorry.