* certbot-auto was deprecated on all systems except for those based on Debian or RHEL.
* Update the packaging instructions to promote usage of python -m pytest to test Certbot
instead of the deprecated python setup.py test setuptools approach.
* Reduced CLI logging when handling some kinds of errors.
* The minimum version of the acme library required by Certbot was corrected.
In the previous release, Certbot said it required acme>=1.6.0 when it
actually required acme>=1.8.0 to properly support removing contact
information from an ACME account.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:certbot/python-certbot?expand=0&rev=73
- Update to version 1.8.0
+ Added
* Added the ability to remove email and phone contact
information from an account
* using update_account --register-unsafely-without-email
+ Changed
* Support for Python 3.5 has been removed.
+ Fixed
* The problem causing the Apache plugin in the Certbot snap on
ARM systems to
* fail to load the Augeas library it depends on has been fixed.
* The acme library can now tell the ACME server to clear
contact information by passing an empty
* tuple to the contact field of a Registration message.
* Fixed the *** stack smashing detected *** error in the
Certbot snap on some systems.
* More details about these changes can be found on our GitHub
repo.
- Add certbot keyring and hash file
OBS-URL: https://build.opensuse.org/request/show/838326
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:certbot/python-certbot?expand=0&rev=72
* Third-party plugins can be used without prefix (plugin_name instead of dist_name:plugin_name):
this concerns the plugin name, CLI flags, and keys in credential files.
The prefixed form is still supported but is deprecated, and will be removed in a future release.
* We deprecated support for Python 3.5 in Certbot and its ACME library.
Support for Python 3.5 will be removed in the next major release of Certbot.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:certbot/python-certbot?expand=0&rev=70
* Added serial number of certificate to the output of certbot certificates
* Expose two new environment variables in the authenticator and cleanup scripts used by
the manual plugin: CERTBOT_REMAINING_CHALLENGES is equal to the number of challenges
remaining after the current challenge, CERTBOT_ALL_DOMAINS is a comma-separated list
of all domains challenged for the current certificate.
* Added minimal proxy support for OCSP verification.
* mock dependency is now conditional on Python 2 in all of our packages.
* Fix hanging OCSP queries during revocation checking - added a 10 second timeout.
* Standalone servers now have a default socket timeout of 30 seconds, fixing
cases where an idle connection can cause the standalone plugin to hang.
* Parsing of the RFC 8555 application/pem-certificate-chain now tolerates CRLF line
endings. This should fix interoperability with Buypass' services.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:certbot/python-certbot?expand=0&rev=62
- update to version 1.0.0 (boo#1160066)
* certbot-auto has deprecated support for systems using OpenSSL 1.0.1
that are not running on x86-64.
* Certbot's config_changes subcommand has been removed
* certbot.plugins.common.TLSSNI01 has been removed.
* The functions certbot.client.view_config_changes,
certbot.main.config_changes,
certbot.plugins.common.Installer.view_config_changes,
certbot.reverter.Reverter.view_config_changes, and
certbot.util.get_systemd_os_info have been removed
* Certbot's register --update-registration subcommand has been removed
* When possible, default to automatically configuring the webserver so all requests
redirect to secure HTTPS access. This is mostly relevant when running Certbot
in non-interactive mode. Previously, the default was to not redirect all requests.
OBS-URL: https://build.opensuse.org/request/show/760673
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-certbot?expand=0&rev=21
* certbot-auto has deprecated support for systems using OpenSSL 1.0.1
that are not running on x86-64.
* Certbot's config_changes subcommand has been removed
* certbot.plugins.common.TLSSNI01 has been removed.
* The functions certbot.client.view_config_changes,
certbot.main.config_changes,
certbot.plugins.common.Installer.view_config_changes,
certbot.reverter.Reverter.view_config_changes, and
certbot.util.get_systemd_os_info have been removed
* Certbot's register --update-registration subcommand has been removed
* When possible, default to automatically configuring the webserver so all requests
redirect to secure HTTPS access. This is mostly relevant when running Certbot
in non-interactive mode. Previously, the default was to not redirect all requests.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:certbot/python-certbot?expand=0&rev=51
* --server may now be combined with --dry-run.
* --dry-run now requests fresh authorizations every time, fixing
the issue where it was prone to falsely reporting success.
* The OS detection logic again uses distro library for Linux OSes
* certbot.plugins.common.TLSSNI01 has been deprecated and will be
removed in a future release.
* CLI flags --tls-sni-01-port and --tls-sni-01-address have been removed.
* The values tls-sni and tls-sni-01 for the --preferred-challenges
flag are no longer accepted.
* Removed the flags: --agree-dev-preview, --dialog, and --apache-init-script
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:certbot/python-certbot?expand=0&rev=49
* Update the 'manage your account' help to be more generic.
* Certbot's config_changes subcommand has been deprecated and
will be removed in a future release.
* certbot config_changes no longer accepts a --num parameter.
* The functions certbot.plugins.common.Installer.view_config_changes
and certbot.reverter.Reverter.view_config_changes have been
deprecated and will be removed in a future release.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:certbot/python-certbot?expand=0&rev=33
* Apache plugin now tries to restart httpd on Fedora using systemctl if a
configuration test error is detected. This has to be done due to the way
Fedora now generates the self signed certificate files upon first
restart.
* Updated Certbot and its plugins to improve the handling of file system permissions
on Windows as a step towards adding proper Windows support to Certbot.
* Updated urllib3 to 1.24.2 in certbot-auto.
* Removed the fallback introduced with 0.32.0 in `acme` to retry a challenge response
with a `keyAuthorization` if sending the response without this field caused a
`malformed` error to be received from the ACME server.
* Linode DNS plugin now supports api keys created from their new panel
at [cloud.linode.com](https://cloud.linode.com)
* Adding a warning noting that future versions of Certbot will automatically configure the
webserver so that all requests redirect to secure HTTPS access. You can control this
behavior and disable this warning with the --redirect and --no-redirect flags.
* certbot-auto now prints warnings when run as root with insecure file system
permissions. If you see these messages, you should fix the problem by
following the instructions at
https://community.letsencrypt.org/t/certbot-auto-deployment-best-practices/91979/,
however, these warnings can be disabled as necessary with the flag
--no-permissions-check.
* `acme` module uses now a POST-as-GET request to retrieve the registration
from an ACME v2 server
* Convert the tsig algorithm specified in the certbot_dns_rfc2136 configuration file to
all uppercase letters before validating. This makes the value in the config case
insensitive.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:certbot/python-certbot?expand=0&rev=28
