0.13.0 - 2019-09-30
·
32 commits
to master
since this release
Upgrade Notes
This version upgrades the bundled version of the dehydrated library to fix certificate registration due to recent changes in the Let's Encrypt service. It also brings support for ACMEv2 which will be required for new account registration in November. Upgrading is recommended or certificate registration and renewal may fail. See #192, #189 for more details.
Added
- Allow for additional Redis connect options to be specified. (#191)
- Pass
ssl_optionsandrenewalarguments to theallow_domaincallback. Thanks to @gohai. (#123, #176) - Add support for specifying HTTP proxy options for OCSP requests. Thanks to @Unknown22. (#133)
Changed
- Upgrade dehydrated to v0.6.5. This fixes "badNonce" errors cropping up since 2019-09-23 and also supports ACMEv2 which will be required for new account registration in November. Thanks to @luto. (#190, #192, #189)
- Check whether domains are allowed (by calling
allow_domaincallback) on renewals. Thanks to @yveslaroche. (#176) - Remove certificates that cannot be successfully renewed. Thanks to @gohai. (#128)
- Don't store backups of previous versions of certificates. Thanks to @gohai. (#124)
- Cleanup unused cert files after successfully adding certs to permanent storage. Thanks to @gohai. (#155)
- Randomize order of certificate renewal processing. Thanks to @luto. (#154)
- Upgrade sockproc to newer version to fix compiling under FreeBSD. Thanks to @imerr. (#118)
- Improve shell command escaping and handling. This could potentially fix issues if trying to store files in directories with spaces in the name. (#175)
- Switch the test suite to be written in Lua to better align with the code base, and hopefully make it easier to debug and maintain. (#193)