All Versions
43
Latest Version
Avg Release Cycle
26 days
Latest Release
56 days ago

Changelog History
Page 4

  • v2.0.1 Changes

    January 09, 2019

    โž• Added:

    • [cli,lib] Option to disable the complete propagation Requirement
    • [lib,cli] Support non-ascii domain name (punnycode)
    • [cli,lib] Add configurable timeout when obtaining certificates
    • [cli] Archive revoked certificates
    • [cli] Add command to list certificates.
    • [cli] support for renew with CSR
    • [cli] add SAN on renew
    • [lib] Adds Remove for challenges
    • [lib] Add version to xenolf-acme in User-Agent.
    • [dnsprovider] The ability for a DNS provider to solve the challenge sequentially
    • [dnsprovider] Add DNS provider for "HTTP request".
    • [dnsprovider] Add DNS Provider for Vscale
    • [dnsprovider] Add DNS Provider for TransIP
    • [dnsprovider] Add DNS Provider for inwx
    • [dnsprovider] alidns: add support to handle more than 20 domains

    ๐Ÿ”„ Changed:

    • [lib] Check all challenges in a predictable order
    • [lib] Poll authz URL instead of challenge URL
    • [lib] Check all nameservers in a predictable order
    • [lib] Logs every iteration of waiting for the propagation
    • [cli] --http: enable HTTP challenge important
    • [cli] --http.port: previously named --http
    • [cli] --http.webroot: previously named --webroot
    • [cli] --http.memcached-host: previously named --memcached-host
    • [cli] --tls: enable TLS challenge important
    • [cli] --tls.port: previously named --tls
    • [cli] --dns.resolvers: previously named --dns-resolvers
    • [dnsprovider] gcloud: Use GCE_PROJECT for project always, if specified
    • [cli] the option --days of the command renew has default value (15)

    โœ‚ Removed:

    • [lib] Remove SetHTTP01Address
    • [lib] Remove SetTLSALPN01Address
    • [lib] Remove Exclude
    • [cli] Remove --exclude, -x

    ๐Ÿ›  Fixed:

    • [lib] Fixes revocation for subdomains and non-ascii domains
    • [lib] Disable pending authorizations
    • [dnsprovider] transip: concurrent access to the API.
    • [dnsprovider] gcloud: fix for wildcard
    • [dnsprovider] Azure: Do not overwrite existing TXT records
    • [dnsprovider] fix: Cloudflare error.
  • v2.0.0 Changes

    January 09, 2019

    โž• Added:

    • [cli,lib] Option to disable the complete propagation Requirement
    • [lib,cli] Support non-ascii domain name (punnycode)
    • [cli,lib] Add configurable timeout when obtaining certificates
    • [cli] Archive revoked certificates
    • [cli] Add command to list certificates.
    • [cli] support for renew with CSR
    • [cli] add SAN on renew
    • [lib] Adds Remove for challenges
    • [lib] Add version to xenolf-acme in User-Agent.
    • [dnsprovider] The ability for a DNS provider to solve the challenge sequentially
    • [dnsprovider] Add DNS provider for "HTTP request".
    • [dnsprovider] Add DNS Provider for Vscale
    • [dnsprovider] Add DNS Provider for TransIP
    • [dnsprovider] Add DNS Provider for inwx
    • [dnsprovider] alidns: add support to handle more than 20 domains

    ๐Ÿ”„ Changed:

    • [lib] Check all challenges in a predictable order
    • [lib] Poll authz URL instead of challenge URL
    • [lib] Check all nameservers in a predictable order
    • [lib] Logs every iteration of waiting for the propagation
    • [cli] --http: enable HTTP challenge important
    • [cli] --http.port: previously named --http
    • [cli] --http.webroot: previously named --webroot
    • [cli] --http.memcached-host: previously named --memcached-host
    • [cli] --tls: enable TLS challenge important
    • [cli] --tls.port: previously named --tls
    • [cli] --dns.resolvers: previously named --dns-resolvers
    • [cli] the option --days of the command renew has default value (15)
    • [dnsprovider] gcloud: Use GCE_PROJECT for project always, if specified

    โœ‚ Removed:

    • [lib] Remove SetHTTP01Address
    • [lib] Remove SetTLSALPN01Address
    • [lib] Remove Exclude
    • [cli] Remove --exclude, -x

    ๐Ÿ›  Fixed:

    • [lib] Fixes revocation for subdomains and non-ascii domains
    • [lib] Disable pending authorizations
    • [dnsprovider] transip: concurrent access to the API.
    • [dnsprovider] gcloud: fix for wildcard
    • [dnsprovider] Azure: Do not overwrite existing TXT records
    • [dnsprovider] fix: Cloudflare error.
  • v1.2.0 Changes

    November 04, 2018

    โž• Added:

    • [dnsprovider] Add DNS Provider for ConoHa DNS
    • [dnsprovider] Add DNS Provider for MyDNS.jp
    • [dnsprovider] Add DNS Provider for Selectel

    ๐Ÿ›  Fixed:

    • [dnsprovider] netcup: make unmarshalling of api-responses more lenient.

    ๐Ÿ”„ Changed:

    • [dnsprovider] aurora: change DNS client
    • [dnsprovider] azure: update auth to support instance metadata service
    • [dnsprovider] dnsmadeeasy: log response body on error
    • [lib] TLS-ALPN-01: Update idPeAcmeIdentifierV1, draft refs.
    • [lib] Do not send a JWS body when POSTing challenges.
    • [lib] Support POST-as-GET.
  • v1.1.0 Changes

    October 16, 2018

    โž• Added:

    • [lib] TLS-ALPN-01 Challenge
    • [cli] Add filename parameter
    • [dnsprovider] Allow to configure TTL, interval and timeout
    • [dnsprovider] Add support for reading DNS provider setup from files
    • [dnsprovider] Add DNS Provider for ACME-DNS
    • [dnsprovider] Add DNS Provider for ALIYUN DNS
    • [dnsprovider] Add DNS Provider for DreamHost
    • [dnsprovider] Add DNS provider for hosting.de
    • [dnsprovider] Add DNS Provider for IIJ
    • [dnsprovider] Add DNS Provider for netcup
    • [dnsprovider] Add DNS Provider for NIFCLOUD DNS
    • [dnsprovider] Add DNS Provider for SAKURA Cloud
    • [dnsprovider] Add DNS Provider for Stackpath
    • [dnsprovider] Add DNS Provider for VegaDNS
    • [dnsprovider] exec: add EXEC_MODE=RAW support.
    • [dnsprovider] cloudflare: support for CF_API_KEY and CF_API_EMAIL

    ๐Ÿ›  Fixed:

    • [lib] Don't trust identifiers order.
    • [lib] Fix missing issuer certificates from Let's Encrypt
    • [dnsprovider] duckdns: fix TXT record update url
    • [dnsprovider] duckdns: fix subsubdomain
    • [dnsprovider] gcloud: update findTxtRecords to use Name=fqdn and Type=TXT
    • [dnsprovider] lightsail: Fix Domain does not exist error
    • [dnsprovider] ns1: use the authoritative zone and not the domain name
    • [dnsprovider] ovh: check error to avoid panic due to nil client

    ๐Ÿ”„ Changed:

    • [lib] Submit all dns records up front, then validate serially
  • v1.0.0 Changes

    May 30, 2018

    ๐Ÿ”„ Changed:

    • [lib] ACME v2 Support.
    • [dnsprovider] Renamed /providers/dns/googlecloud to /providers/dns/gcloud.
    • [dnsprovider] Modified Google Cloud provider gcloud.NewDNSProviderServiceAccount function to extract the project id directly from the service account file.
    • [dnsprovider] Made errors more verbose for the Cloudflare provider.
  • v0.5.0 Changes

    May 29, 2018

    โž• Added:

    • [dnsprovider] Add DNS challenge provider exec
    • [dnsprovider] Add DNS Provider for Akamai FastDNS
    • [dnsprovider] Add DNS Provider for Bluecat DNS
    • [dnsprovider] Add DNS Provider for CloudXNS
    • [dnsprovider] Add DNS Provider for Duck DNS
    • [dnsprovider] Add DNS Provider for Gandi Beta Platform (LiveDNS)
    • [dnsprovider] Add DNS Provider for GleSYS API
    • [dnsprovider] Add DNS Provider for GoDaddy
    • [dnsprovider] Add DNS Provider for Lightsail
    • [dnsprovider] Add DNS Provider for Name.com

    ๐Ÿ›  Fixed:

    • [dnsprovider] Azure: Added missing environment variable in the comments
    • [dnsprovider] PowerDNS: Fix zone URL, add leading slash.
    • [dnsprovider] DNSimple: Fix api
    • [cli] Correct help text for --dns-resolvers default.
    • [cli] renew/revoke - don't panic on wrong account.
    • [lib] Fix zone detection for cross-zone cnames.
    • [lib] Use proxies from environment when making outbound http connections.

    ๐Ÿ”„ Changed:

    • [lib] Users of an effective top-level domain can use the DNS challenge.
    • [dnsprovider] Azure: Refactor to work with new Azure SDK version.
    • [dnsprovider] Cloudflare and Azure: Adding output of which envvars are missing.
    • [dnsprovider] Dyn DNS: Slightly improve provider error reporting.
    • [dnsprovider] Exoscale: update to latest egoscale version.
    • [dnsprovider] Route53: Use NewSessionWithOptions instead of deprecated New.
  • v0.4.1 Changes

    September 26, 2017

    โž• Added:

    • lib: A new DNS provider for OTC.
    • lib: The AWS_HOSTED_ZONE_ID environment variable for the Route53 DNS provider to directly specify the zone.
    • ๐Ÿ”ง lib: The RFC2136_TIMEOUT enviroment variable to make the timeout for the RFC2136 provider configurable.
    • lib: The GCE_SERVICE_ACCOUNT_FILE environment variable to specify a service account file for the Google Cloud DNS provider.

    ๐Ÿ›  Fixed:

    • โœ… lib: Fixed an authentication issue with the latest Azure SDK.
  • v0.4.0 Changes

    July 13, 2017

    โž• Added:

    • 0๏ธโƒฃ CLI: The --http-timeout switch. This allows for an override of the default client HTTP timeout.
    • 0๏ธโƒฃ lib: The HTTPClient field. This allows for an override of the default HTTP timeout for library HTTP requests.
    • 0๏ธโƒฃ CLI: The --dns-timeout switch. This allows for an override of the default DNS timeout for library DNS requests.
    • 0๏ธโƒฃ lib: The DNSTimeout switch. This allows for an override of the default client DNS timeout.
    • โšก๏ธ lib: The QueryRegistration function on acme.Client. This performs a POST on the client registration's URI and gets the updated registration info.
    • ๐Ÿ”ง lib: The DeleteRegistration function on acme.Client. This deletes the registration as currently configured in the client.
    • lib: The ObtainCertificateForCSR function on acme.Client. The function allows to request a certificate for an already existing CSR.
    • ๐Ÿ’ป CLI: The --csr switch. Allows to use already existing CSRs for certificate requests on the command line.
    • CLI: The --pem flag. This will change the certificate output so it outputs a .pem file concatanating the .key and .crt files together.
    • 0๏ธโƒฃ CLI: The --dns-resolvers flag. Allows for users to override the default DNS servers used for recursive lookup.
    • lib: Added a memcached provider for the HTTP challenge.
    • CLI: The --memcached-host flag. This allows to use memcached for challenge storage.
    • CLI: The --must-staple flag. This enables OCSP must staple in the generated CSR.
    • lib: The library will now honor entries in your resolv.conf.
    • lib: Added a field IssuerCertificate to the CertificateResource struct.
    • lib: A new DNS provider for OVH.
    • lib: A new DNS provider for DNSMadeEasy.
    • lib: A new DNS provider for Linode.
    • lib: A new DNS provider for AuroraDNS.
    • lib: A new DNS provider for NS1.
    • lib: A new DNS provider for Azure DNS.
    • lib: A new DNS provider for Rackspace DNS.
    • lib: A new DNS provider for Exoscale DNS.
    • lib: A new DNS provider for DNSPod.

    ๐Ÿ”„ Changed:

    • โœ… lib: Exported the PreCheckDNS field so library users can manage the DNS check in tests.
    • lib: The library will now skip challenge solving if a valid Authz already exists.

    โœ‚ Removed:

    • ๐Ÿšš lib: The library will no longer check for auto renewed certificates. This has been removed from the spec and is not supported in Boulder.

    ๐Ÿ›  Fixed:

    • lib: Fix a problem with the Route53 provider where it was possible the verification was published to a private zone.
    • lib: Loading an account from file should fail if a integral part is nil
    • lib: Fix a potential issue where the Dyn provider could resolve to an incorrect zone.
    • lib: If a registration encounteres a conflict, the old registration is now recovered.
    • CLI: The account.json file no longer has the executable flag set.
    • lib: Made the client registration more robust in case of a 403 HTTP response.
    • ๐Ÿ›  lib: Fixed an issue with zone lookups when they have a CNAME in another zone.
    • ๐Ÿ›  lib: Fixed the lookup for the authoritative zone for Google Cloud.
    • ๐Ÿ›  lib: Fixed a race condition in the nonce store.
    • ๐Ÿšš lib: The Google Cloud provider now removes old entries before trying to add new ones.
    • ๐Ÿ›  lib: Fixed a condition where we could stall due to an early error condition.
    • ๐Ÿ›  lib: Fixed an issue where Authz object could end up in an active state after an error condition.
  • v0.3.1 Changes

    April 19, 2016

    โž• Added:

    • lib: A new DNS provider for Vultr.

    ๐Ÿ›  Fixed:

    • lib: DNS Provider for DigitalOcean could not handle subdomains properly.
    • lib: handleHTTPError should only try to JSON decode error messages with the right content type.
    • lib: The propagation checker for the DNS challenge would not retry on send errors.
  • v0.3.0 Changes

    March 19, 2016

    โž• Added:

    • ๐Ÿ‘ CLI: The --dns switch. To include the DNS challenge for consideration. When using this switch, all other solvers are disabled. Supported are the following solvers: cloudflare, digitalocean, dnsimple, dyn, gandi, googlecloud, namecheap, route53, rfc2136 and manual.
    • CLI: The --accept-tos switch. Indicates your acceptance of the Let's Encrypt terms of service without prompting you.
    • CLI: The --webroot switch. The HTTP-01 challenge may now be completed by dropping a file into a webroot. When using this switch, all other solvers are disabled.
    • ๐Ÿ‘ CLI: The --key-type switch. This replaces the --rsa-key-size switch and supports the following key types: EC256, EC384, RSA2048, RSA4096 and RSA8192.
    • CLI: The --dnshelp switch. This displays a more in-depth help topic for DNS solvers.
    • CLI: The --no-bundle sub switch for the run and renew commands. When this switch is set, the CLI will not bundle the issuer certificate with your certificate.
    • lib: A new type for challenge identifiers Challenge
    • lib: A new interface for custom challenge providers acme.ChallengeProvider
    • lib: A new interface for DNS-01 providers to allow for custom timeouts for the validation function acme.ChallengeProviderTimeout
    • 0๏ธโƒฃ lib: SetChallengeProvider function. Pass a challenge identifier and a Provider to replace the default behaviour of a challenge.
    • lib: The DNS-01 challenge has been implemented with modular solvers using the ChallengeProvider interface. Included solvers are: cloudflare, digitalocean, dnsimple, gandi, namecheap, route53, rfc2136 and manual.
    • ๐Ÿ”ง lib: The acme.KeyType type was added and is used for the configuration of crypto parameters for RSA and EC keys. Valid KeyTypes are: EC256, EC384, RSA2048, RSA4096 and RSA8192.

    ๐Ÿ”„ Changed

    • lib: ExcludeChallenges now expects to be passed an array of Challenge types.
    • ๐Ÿ‘ lib: HTTP-01 now supports custom solvers using the ChallengeProvider interface.
    • ๐Ÿ‘ lib: TLS-SNI-01 now supports custom solvers using the ChallengeProvider interface.
    • lib: The GetPrivateKey function in the acme.User interface is now expected to return a crypto.PrivateKey instead of an rsa.PrivateKey for EC compat.
    • lib: The acme.NewClient function now expects an acme.KeyType instead of the keyBits parameter.

    โœ‚ Removed

    • ๐Ÿšš CLI: The rsa-key-size switch was removed in favor of key-type to support EC keys.

    ๐Ÿ›  Fixed

    • ๐Ÿ›  lib: Fixed a race condition in HTTP-01
    • ๐Ÿ›  lib: Fixed an issue where status codes on ACME challenge responses could lead to no action being taken.
    • ๐Ÿ›  lib: Fixed a regression when calling the Renew function with a SAN certificate.