337b0306ce
- Update to 5.1.0 * The function acme.crypto_util.make_self_signed_cert was deprecated and will be removed in a future release.
Markéta Machová2025-10-14 07:56:24 +00:00
358d740c25
Accepting request 1302581 from devel:languages:python:certbot
Ana Guerrero2025-09-03 19:08:30 +00:00
7440444b5f
- Update to 5.0.0 * Removed acme.crypto_util.SSLSocket and acme.crypto_util.probe_sni * Removed a number of deprecated classes/interfaces in acme.challenges * Python 3.9 support was removed. * Migrated most functionality from setup.py to pyproject.toml
Markéta Machová2025-09-03 12:11:06 +00:00
1afa7a6d21
- Update to 4.2.0 * Catches and ignores errors during the directory fetch for ARI checking so that these errors do not hinder the actual certificate issuance. * Removed the dependency on pytz. * Deprecated acme.crypto_util.probe_sni * Support for Python 3.9 was deprecated and will be removed in our next planned release.
Markéta Machová2025-08-12 15:49:40 +00:00
bbc5097cbb
Accepting request 1286019 from devel:languages:python:certbot
Ana Guerrero2025-06-16 10:26:32 +00:00
ea2c15d5fa
- Update to 4.1.1 * ACME Renewal Info (ARI) support. certbot renew will automatically check ARI when using an ACME server that supports it, and may renew early based on the ARI information. * Switched to src-layout from flat-layout to accommodate PEP 517 pip editable installs * acme.client.ClientNetwork now makes the "key" parameter optional. * Deprecated acme.challenges.TLSALPN01*, acme.crypto_util.SSLSocket, acme.standalone.TLSServer, acme.standalone.TLSALPN01Server and parameter alpn_protocols from acme.crypto_util.probe_sni * Fixed an unintended change introduced in 4.0.0 where renew_before_expiry could not be shorter than certbot's default renewal time.
Markéta Machová2025-06-13 14:33:44 +00:00
980d0a2116
Accepting request 1271239 from devel:languages:python:certbot
Ana Guerrero2025-04-22 15:28:56 +00:00
ae461310a9
- Update to 4.0.0: * Added + The --preferred-profile and --required-profile flags allow requesting a profile. * Changed + Certificates now renew with 1/3rd of lifetime left (or 1/2 of lifetime left, if the lifetime is shorter than 10 days). + removed acme.crypto_util._pyopenssl_cert_or_req_all_names + removed acme.crypto_util._pyopenssl_cert_or_req_san + removed acme.crypto_util.dump_pyopenssl_chain + removed acme.crypto_util.gen_ss_cert + removed certbot.crypto_util.dump_pyopenssl_chain + removed certbot.crypto_util.pyopenssl_load_certificate * Fixed + Moved RewriteEngine on directive added during apache http01 authentication to the end of the virtual host, so that it overwrites any RewriteEngine off directives that already exist and allows redirection to the challenge URL.
Steve Kowalik2025-04-22 03:30:36 +00:00
45e2da344c
Accepting request 1254986 from devel:languages:python:certbot
Ana Guerrero2025-03-21 19:23:24 +00:00
e56deb1e1b
Accepting request 1247351 from devel:languages:python:certbot
Ana Guerrero2025-02-20 15:41:51 +00:00
f06a364c62
- update to 3.2.0: * Python 3.13 support * certbot and its acme library now require cryptography>=43.0.0. * certbot-nginx and our acme library now require pyOpenSSL>=25.0.0. * Deprecated gen_ss_cert in acme.crypto_util as it uses deprecated pyOpenSSL API. * Support for Python 3.8 was deprecated and will be removed in
Dirk Mueller2025-02-13 09:33:29 +00:00
6e5858d3fd
Accepting request 1240554 from devel:languages:python:certbot
Ana Guerrero2025-01-27 19:56:54 +00:00
2daf501a02
- Update to 3.1.0 * Python 3.8 support was removed. - Convert to pip-based build
Markéta Machová2025-01-27 14:06:04 +00:00
eb10b91d03
Accepting request 1228064 from devel:languages:python:certbot
Ana Guerrero2024-12-03 19:48:13 +00:00
4257a83e50
- Update to 3.0.1 * Support for Python 3.8 was deprecated and will be removed in our next planned release.
Markéta Machová2024-12-03 14:44:36 +00:00
ada6878966
Accepting request 1183166 from devel:languages:python:certbot
Ana Guerrero2024-06-25 21:08:56 +00:00
efd4d563c1
- Update to 2.11.0 * sync with the main certbot package
Markéta Machová2024-06-25 12:14:10 +00:00
fe8881eb31
Accepting request 1174587 from devel:languages:python:certbot
Ana Guerrero2024-05-16 15:17:24 +00:00
6341e84c81
- update to 2.10.0: * We no longer publish our beta Windows installer as was originally announced
Dirk Mueller2024-05-09 13:49:36 +00:00
4a86e614c3
Accepting request 1145432 from devel:languages:python:certbot
Ana Guerrero2024-02-09 22:54:33 +00:00
9edc7bcb96
- update to 2.9.0: * Support for Python 3.12 was added. * Updates joinpath syntax to only use one addition per call, because the multiple inputs version was causing mypy errors on Python 3.10. * Makes the reconfigure verb actually use the staging server for the dry run to check the new configuration. * acme.challenges.HTTP01Response.simple_verify now accepts a timeout argument which defaults to 30 that causes the verification request to timeout after * The default key type for new certificates is now ECDSA secp256r1 (P-256). * acme.messages.Directory now only supports lookups by the exact resource name * Certbot will no longer respect very long challenge polling intervals, which may be suggested by some ACME servers. Certbot will continue to wait up to 90 seconds by default, or up to a total of 30 minutes if requested by the server * acme.client.ClientV2 now provides separate begin_finalization and poll_finalization * acme.client.ClientBase, acme.messages.Authorization.resolved_combinations, acme.messages.Authorization.combinations, acme.mixins, acme.fields.resource * acme.messages.OLD_ERROR_PREFIX (urn:acme:error:) is deprecated and support for the old ACME error prefix in Certbot will be removed in the next major * acme.messages.Directory.register is deprecated and will be removed in the next major release of Certbot. Furthermore, .Directory will only support lookups by the exact resource name string in the ACME directory (e.g. * The source_address argument for acme.client.ClientNetwork is deprecated and * use order "status" to determine action during finalization * The PGP key F2871B4152AE13C49519111F447BF683AA3B26C3 was added * Added show_account subcommand, which will fetch the account information from the ACME server and show the account details (account URL and, if applicable, * Previously, when Certbot was in the process of registering a new ACME account and the ACME server did not present any Terms of Service, the user was asked to agree with a non-existent Terms of Service ("None"). This bug is now fixed,
Dirk Mueller2024-02-09 13:24:34 +00:00
8b97889488
- Update to 2.7.4 * sync with the main certbot package
Markéta Machová2023-11-16 12:55:55 +00:00
9a2112206c
Accepting request 1123632 from devel:languages:python:certbot
Ana Guerrero2023-11-06 20:14:51 +00:00
77437a1df5
* Support for Python 3.7 was deprecated and will be removed in our next planned release.
Markéta Machová2023-10-30 15:55:47 +00:00
9149107cac
- Update to 2.7.3 * Do not call deprecated datetime.utcnow() and datetime.utcfromtimestamp() * Fixed a bug that caused the ACME account to not be properly restored on renewal causing problems in setups where the user had multiple accounts with the same ACME server.
Markéta Machová2023-10-30 15:36:59 +00:00
b28a1eb60d
- Update to 1.30.0 * acme.client.ClientBase, acme.messages.Authorization.resolved_combinations, acme.messages.Authorization.combinations, acme.mixins, acme.fields.resource and acme.fields.Resource are deprecated and will be removed in a future release. * acme.messages.OLD_ERROR_PREFIX (urn:acme:error:) is deprecated and support for the old ACME error prefix in Certbot will be removed in the next major release of Certbot. * acme.messages.Directory.register is deprecated and will be removed in the next major release of Certbot. Furthermore, .Directory will only support lookups by the exact resource name string in the ACME directory (e.g. directory['newOrder']). * The source_address argument for acme.client.ClientNetwork is deprecated and support for it will be removed in the next major release.
Markéta Machová2022-09-21 17:52:39 +00:00
019c999527
- update to 1.29.0: * --allow-subset-of-names will now additionally retry in cases where domains are rejected while creating or finalizing orders. This requires subproblem support from the ACME server * The show_account subcommand now uses the "newAccount" ACME endpoint to fetch the account data, so it doesn't rely on the locally stored account URL. This fixes situations where Certbot would use old ACMEv1 registration info with non-functional account URLs. * The generated Certificate Signing Requests are now generated as version 1 instead of version 3. This resolves situations in where strict enforcement of PKCS#10 meant that CSRs that were generated as version 3 were rejected
Dirk Mueller2022-07-11 13:11:44 +00:00
008e13cce7
- Update to version 1.27.0 * Added support for RFC8555 subproblems to our acme library. * The PGP key F2871B4152AE13C49519111F447BF683AA3B26C3 was added as an additional trusted key to sign our PyPI packages - Refreshed python-acme.keyring
Markéta Machová2022-05-30 09:08:11 +00:00
9c8f06d9f6
- update to version 1.14.0 * The module acme.magic_typing is deprecated and will be removed in a future release. Please use the built-in module typing instead.
Markéta Machová2021-04-14 15:11:20 +00:00
f92229445f
- update to version 1.13.0 * Support for Python 2 has been removed. * The acme library no longer depends on the security extras from requests which was needed to support SNI in TLS requests when using old versions of Python 2. * When revoking a certificate by --cert-name, it is no longer necessary to specify the --server if the certificate was obtained from a non-default ACME server.
Markéta Machová2021-03-08 08:13:54 +00:00
1191a5e87e
- update to version 1.7.0 * We deprecated support for Python 3.5 in Certbot and its ACME library. Support for Python 3.5 will be removed in the next major release of Certbot.
Markéta Machová2020-08-21 08:36:07 +00:00
5ac61963a4
- update to version 1.6.0 * Support for alternative certificate chains in the acme module. * Added --preferred-chain <issuer CN>. If a CA offers multiple certificate chains, it may be used to indicate to Certbot which chain should be preferred.
Markéta Machová2020-07-13 08:30:35 +00:00
708e87dbed
- update to version 1.4.0 * Added TLS-ALPN-01 challenge support in the acme library. Support of this challenge in the Certbot client is planned to be added in a future release. * mock dependency is now conditional on Python 2 in all of our packages. * When using an RFC 8555 compliant endpoint, the acme library no longer sends the resource field in any requests or the type field when responding to challenges.
Markéta Machová2020-05-14 08:26:34 +00:00
a1aa6f3e2d
- update to version 1.3.0 * Don't verify the existing certificate in HTTP01Response.simple_verify, for compatibility with the real-world ACME challenge checks. * Fix acme module warnings when response Content-Type includes params (e.g. charset).
Markéta Machová2020-03-11 13:41:49 +00:00
969a6f376c
- update to version 1.2.0 * Support for Python 3.4 has been removed. * Fix collections.abc imports for Python 3.9.
Markéta Machová2020-02-21 15:29:54 +00:00
10170f7582
- update to version 1.1.0 * Removed the fallback introduced with 0.34.0 in acme to retry a POST-as-GET request as a GET request when the targeted ACME CA server seems to not support POST-as-GET requests. * Support for Python 3.4 in Certbot and its ACME library is deprecated and will be removed in the next release of Certbot.
Markéta Machová2020-01-21 09:47:07 +00:00
257c45cc10
- update to version 0.40.1 * acme.standalone.BaseRequestHandlerWithLogging and acme.standalone.simple_tls_sni_01_server have been deprecated and will be removed in a future release of the library.
Markéta Machová2019-11-14 12:03:09 +00:00
Dominique Leuenberger
Markéta Machová
Ana Guerrero
Steve Kowalik
Dirk Mueller
Danilo Spinella
Richard Brown
Tomáš Chvátal