Overview
Request 620604 accepted
- update to 0.25.1
* Fixed
- TLS-ALPN-01 support has been removed from our acme library.
Using our current dependencies, we are unable to provide
a correct implementation of this challenge so we decided
to remove it from the library until we can provide proper
support.
- Issues causing test failures when running the tests in the
acme package with pytest<3.0 has been resolved.
- certbot-nginx now correctly depends on acme>=0.25.0.
Despite us having broken lockstep, we are continuing to release
new versions of all Certbot components during releases for the
time being, however, the only packages with changes other than
their version number were:
- acme
- certbot-nginx
More details about these changes can be found on our GitHub repo:
https://github.com/certbot/certbot/milestone/56?closed=1
- update to 0.25.0
* Added
- Support for the ready status type was added to acme. Without
this change, Certbot and acme users will begin encountering
errors when using Let's Encrypt's ACMEv2 API starting on
June 19th for the staging environment and July 5th for
production.
See https://community.letsencrypt.org/t/acmev2-order-ready-status/62866
for more information.
- Certbot now accepts the flag --reuse-key which will cause the
same key to be used in the certificate when the lineage is
renewed rather than generating a new key.
- You can now add multiple email addresses to your ACME account
with Certbot by providing a comma separated list of emails
to the --email flag.
- Support for Let's Encrypt's upcoming TLS-ALPN-01 challenge
was added to acme. For more information,
see https://community.letsencrypt.org/t/tls-alpn-validation-method/63814/1.
- acme now supports specifying the source address to bind to
when sending outgoing connections. You still cannot specify
this address using Certbot.
- If you run Certbot against Let's Encrypt's ACMEv2 staging
server but don't already have an account registered at that
server URL, Certbot will automatically reuse your staging
account from Let's Encrypt's ACMEv1 endpoint if it exists.
- Interfaces were added to Certbot allowing plugins to be
called at additional points. The GenericUpdater interface
allows plugins to perform actions every time certbot renew is
run, regardless of whether any certificates are due for
renewal, and the RenewDeployer interface allows plugins to
perform actions when a certificate is renewed.
See certbot.interfaces for more information.
* Changed
- When running Certbot with --dry-run and you don't already
have a staging account, the created account does not contain
an email address even if one was provided to avoid expiration
emails from Let's Encrypt's staging server.
- certbot-nginx does a better job of automatically detecting
the location of Nginx's configuration files when run on
BSD based systems.
- acme now requires and uses pytest when running tests with
setuptools with python setup.py test.
- certbot config_changes no longer waits for user input before
exiting.
* Fixed
- Misleading log output that caused users to think that
Certbot's standalone plugin failed to bind to a port when
performing a challenge has been corrected.
- An issue where certbot-nginx would fail to enable HSTS if
the server block already had an add_header directive has been
resolved.
- certbot-nginx now does a better job detecting the server
block to base the configuration for TLS-SNI challenges on.
Despite us having broken lockstep, we are continuing to release
new versions of all Certbot components during releases for the
time being, however, the only packages with functional changes
were:
- acme
- certbot
- certbot-apache
- certbot-nginx
More details about these changes can be found on our GitHub repo:
https://github.com/certbot/certbot/milestone/54?closed=1
Request History
ecsos created request
- update to 0.25.1
* Fixed
- TLS-ALPN-01 support has been removed from our acme library.
Using our current dependencies, we are unable to provide
a correct implementation of this challenge so we decided
to remove it from the library until we can provide proper
support.
- Issues causing test failures when running the tests in the
acme package with pytest<3.0 has been resolved.
- certbot-nginx now correctly depends on acme>=0.25.0.
Despite us having broken lockstep, we are continuing to release
new versions of all Certbot components during releases for the
time being, however, the only packages with changes other than
their version number were:
- acme
- certbot-nginx
More details about these changes can be found on our GitHub repo:
https://github.com/certbot/certbot/milestone/56?closed=1
- update to 0.25.0
* Added
- Support for the ready status type was added to acme. Without
this change, Certbot and acme users will begin encountering
errors when using Let's Encrypt's ACMEv2 API starting on
June 19th for the staging environment and July 5th for
production.
See https://community.letsencrypt.org/t/acmev2-order-ready-status/62866
for more information.
- Certbot now accepts the flag --reuse-key which will cause the
same key to be used in the certificate when the lineage is
renewed rather than generating a new key.
- You can now add multiple email addresses to your ACME account
with Certbot by providing a comma separated list of emails
to the --email flag.
- Support for Let's Encrypt's upcoming TLS-ALPN-01 challenge
was added to acme. For more information,
see https://community.letsencrypt.org/t/tls-alpn-validation-method/63814/1.
- acme now supports specifying the source address to bind to
when sending outgoing connections. You still cannot specify
this address using Certbot.
- If you run Certbot against Let's Encrypt's ACMEv2 staging
server but don't already have an account registered at that
server URL, Certbot will automatically reuse your staging
account from Let's Encrypt's ACMEv1 endpoint if it exists.
- Interfaces were added to Certbot allowing plugins to be
called at additional points. The GenericUpdater interface
allows plugins to perform actions every time certbot renew is
run, regardless of whether any certificates are due for
renewal, and the RenewDeployer interface allows plugins to
perform actions when a certificate is renewed.
See certbot.interfaces for more information.
* Changed
- When running Certbot with --dry-run and you don't already
have a staging account, the created account does not contain
an email address even if one was provided to avoid expiration
emails from Let's Encrypt's staging server.
- certbot-nginx does a better job of automatically detecting
the location of Nginx's configuration files when run on
BSD based systems.
- acme now requires and uses pytest when running tests with
setuptools with python setup.py test.
- certbot config_changes no longer waits for user input before
exiting.
* Fixed
- Misleading log output that caused users to think that
Certbot's standalone plugin failed to bind to a port when
performing a challenge has been corrected.
- An issue where certbot-nginx would fail to enable HSTS if
the server block already had an add_header directive has been
resolved.
- certbot-nginx now does a better job detecting the server
block to base the configuration for TLS-SNI challenges on.
Despite us having broken lockstep, we are continuing to release
new versions of all Certbot components during releases for the
time being, however, the only packages with functional changes
were:
- acme
- certbot
- certbot-apache
- certbot-nginx
More details about these changes can be found on our GitHub repo:
https://github.com/certbot/certbot/milestone/54?closed=1
ecsos accepted request
ok
