- update to version 0.32.0
* If possible, Certbot uses built-in support for OCSP from recent
cryptography versions instead of the OpenSSL binary: as a
consequence Certbot does not need the OpenSSL binary to be
installed anymore if cryptography>=2.5 is installed.
* Certbot and its acme module now depend on josepy>=1.1.0.
* Apache plugin now respects CERTBOT_DOCS environment variable when
adding command line defaults.
* The running of manual plugin hooks is now always included in
Certbot's log output.
* Tests execution now relies on pytest.
* An ACME CA server may return a "Retry-After" HTTP header on
authorization polling, as specified in the ACME protocol, to
indicate when the next polling should occur. Certbot now reads
this header if set and respect its value.
* The acme module avoids sending the keyAuthorization field in
the JWS payload when responding to a challenge as the field is
not included in the current ACME protocol. To ease the migration
path for ACME CA servers, Certbot and its acme module will first
try the request without the keyAuthorization field but will
temporarily retry the request with the field included if a
malformed error is received. This fallback will be removed in
version 0.34.0.
OBS-URL: https://build.opensuse.org/request/show/685973
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:certbot/python-certbot?expand=0&rev=24
- Update to 0.30.2:
* Update the version of setuptools pinned in certbot-auto to 40.6.3 to
solve installation problems on newer OSes.
* Always download the pinned version of pip in pipstrap to address breakages
* Rename old,default.conf to old-and-default.conf to address commas in filenames
breaking recent versions of pip.
* Add VIRTUALENV_NO_DOWNLOAD=1 to all calls to virtualenv to address breakages
from venv downloading the latest pip
* Added the `update_account` subcommand for account management commands.
OBS-URL: https://build.opensuse.org/request/show/669788
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-certbot?expand=0&rev=7
* Update the version of setuptools pinned in certbot-auto to 40.6.3 to
solve installation problems on newer OSes.
* Always download the pinned version of pip in pipstrap to address breakages
* Rename old,default.conf to old-and-default.conf to address commas in filenames
breaking recent versions of pip.
* Add VIRTUALENV_NO_DOWNLOAD=1 to all calls to virtualenv to address breakages
from venv downloading the latest pip
* Added the `update_account` subcommand for account management commands.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:certbot/python-certbot?expand=0&rev=18
- update to 0.29.1:
* The default work and log directories have been changed back
to /var/lib/letsencrypt and /var/log/letsencrypt respectively.
* Noninteractive renewals with `certbot renew` (those not started
from a terminal) now randomly sleep 1-480 seconds before beginning
work in order to spread out load spikes on the server side.
* Added External Account Binding support in cli and acme library.
Command line arguments --eab-kid and --eab-hmac-key added.
* Private key permissioning changes: Renewal preserves existing group mode
& gid of previous private key material. Private keys for new
lineages (i.e. new certs, not renewed) default to 0o600.
* Update code and dependencies to clean up Resource and Deprecation Warnings.
* Only depend on imgconverter extension for Sphinx >= 1.6
- update URL
OBS-URL: https://build.opensuse.org/request/show/658302
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-certbot?expand=0&rev=6
* The default work and log directories have been changed back
to /var/lib/letsencrypt and /var/log/letsencrypt respectively.
* Noninteractive renewals with `certbot renew` (those not started
from a terminal) now randomly sleep 1-480 seconds before beginning
work in order to spread out load spikes on the server side.
* Added External Account Binding support in cli and acme library.
Command line arguments --eab-kid and --eab-hmac-key added.
* Private key permissioning changes: Renewal preserves existing group mode
& gid of previous private key material. Private keys for new
lineages (i.e. new certs, not renewed) default to 0o600.
* Update code and dependencies to clean up Resource and Deprecation Warnings.
* Only depend on imgconverter extension for Sphinx >= 1.6
- update URL
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:certbot/python-certbot?expand=0&rev=16
