./security/py-certbot, Client for the Lets Encrypt CA

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 0.17.0, Package name: py27-certbot-0.17.0, Maintainer: filip

Certbot, previously the Let's Encrypt Client, is EFF's tool to
obtain certs from Let's Encrypt, and (optionally) autoenable HTTPS
on your server. It can also act as a client for any other CA that
uses the ACME protocol.


Required to run:
[security/py-OpenSSL] [devel/py-setuptools] [devel/py-ZopeInterface] [time/py-pytz] [time/py-parsedatetime] [devel/py-mock] [lang/python27] [lang/py-six] [security/py-cryptography] [devel/py-ZopeComponent] [devel/py-configobj] [devel/py-configargparse] [time/py-rfc3339] [security/py-acme]

Required to build:
[devel/py-readline] [pkgtools/cwrappers]

Master sites:

SHA1: 1ca31bc14c632d8434cecbbf2b0cefde0c399a04
RMD160: fb9e659d1e513d547fb7f28ed21173b11570228f
Filesize: 1011.815 KB

Version history: (Expand)


CVS history: (Expand)


   2017-08-04 00:12:17 by Filip Hajny | Files touched by this commit (3) | Package updated
Log message:
Update security/py-certbot and security/py-acme to 0.17.0.

### Added

- Support in our nginx plugin for modifying SSL server blocks that do
  not contain certificate or key directives.
- A `--max-log-backups` flag to allow users to configure or even completely
  disable Certbot's built in log rotation.
- A `--user-agent-comment` flag to allow people who build tools around Certbot
  to differentiate their user agent string by adding a comment to its default
  value.

### Changed

- Due to some awesome work by cryptography project, compilation can now be
  avoided on most systems when using certbot-auto.
- The `--renew-hook` flag has been hidden in favor of `--deploy-hook`.
- We have started printing deprecation warnings in certbot-auto for
  experimentally supported systems with OS packages available.
- A certificate lineage's name is included in error messages during renewal.

### Fixed

- Encoding errors that could occur when parsing error messages from the ACME
  server containing Unicode have been resolved.
- certbot-auto no longer prints misleading messages about there being a newer
  pip version available when installation fails.
- Certbot's ACME library now properly extracts domains from critical SAN
  extensions.
   2017-08-02 22:31:29 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update security/py-certbot to 0.16.0.

Added
- A plugin for performing DNS challenges using dynamic DNS updates as
  defined in RFC 2316 (available separately).
- Plugins for performing DNS challenges for the providers DNS Made
  Easy and LuaDNS (available separately).
- Support for performing TLS-SNI-01 challenges when using the manual
  plugin.
- Automatic detection of Arch Linux in the Apache plugin providing
  better default settings for the plugin.

Changed
- The text of the interactive question about whether a redirect from
  HTTP to HTTPS should be added by Certbot has been rewritten to
  better explain the choices to the user.
- Simplified HTTP challenge instructions in the manual plugin.

Fixed
- Problems performing a dry run when using the Nginx plugin have been
  fixed.
- Resolved an issue where certbot-dns-digitalocean's test suite would
  sometimes fail when ran using Python 3.
- On some systems, previous versions of certbot-auto would error out
  with a message about a missing hash for setuptools.
- A bug where Certbot would sometimes not print a space at the end of
  an interactive prompt has been resolved.
- Nonfatal tracebacks are no longer shown in rare cases where Certbot
  encounters an exception trying to close its TCP connection with the
  ACME server.
   2017-06-14 15:16:08 by Filip Hajny | Files touched by this commit (3) | Package updated
Log message:
Update security/py-certbot and security/py-acme to 0.15.0

Added
- Plugins for performing DNS challenges for popular providers
- IPv6 support in the standalone plugin.
- A mechanism for keeping your Apache and Nginx SSL/TLS configuration
  up to date.
- --http-01-address and --tls-sni-01-address flags for controlling the
  address Certbot listens on when using the standalone plugin.
- The command certbot certificates that lists certificates managed by
  Certbot now performs additional validity checks to notify you if
  your files have become corrupted.

Changed
- Messages custom hooks print to stdout are now displayed by Certbot
  when not running in --quiet mode.
- jwk and alg fields in JWS objects have been moved into the protected
  header causing Certbot to more closely follow the latest version of
  the ACME spec.

Fixed
- Permissions on renewal configuration files are now properly
  preserved when they are updated.
- A bug causing Certbot to display strange defaults in its help output
  when using Python <= 2.7.4 has been fixed.
- Certbot now properly handles mixed case domain names found in custom
  CSRs.
- A number of poorly worded prompts and error messages.

Removed
- Support for OpenSSL 1.0.0 in certbot-auto has been removed as we now
  pin a newer version of cryptography which dropped support for this
  version.
   2017-05-30 16:28:52 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
Update security/py-certbot to 0.14.2.

0.14.2
- Certbot 0.14.0 included a bug where Certbot would create a temporary
  log file (usually in /tmp) if the program exited during argument parsing.

0.14.1
- Certbot now works with configargparse 0.12.0.
- Issues with the Apache plugin and Augeas 1.7+ have been resolved.
- A problem where the Nginx plugin would fail to install certificates on
  systems that had the plugin's SSL/TLS options file from 7+ months ago
  has been fixed.
   2017-05-11 10:23:35 by Filip Hajny | Files touched by this commit (8) | Package updated
Log message:
Update py-certbot and py-acme to 0.14.0.
Use ALTERNATIVES to handle different Python versions better.

0.14.0 - 2017-05-04

Added

- Python 3.3+ support for all Certbot packages. certbot-auto still
  currently only supports Python 2, but the acme, certbot,
  certbot-apache, and certbot-nginx packages on PyPI now fully support
  Python 2.6, 2.7, and 3.3+.
- Certbot's Apache plugin now handles multiple virtual hosts per file.
- Lockfiles to prevent multiple versions of Certbot running
  simultaneously.

Changed

- When converting an HTTP virtual host to HTTPS in Apache, Certbot
  only copies the virtual host rather than the entire contents of the
  file it's contained in.
- The Nginx plugin now includes SSL/TLS directives in a separate file
  located in Certbot's configuration directory rather than copying the
  contents of the file into every modified server block.

Fixed

- Ensure logging is configured before parts of Certbot attempt to log
  any messages.
- Support for the --quiet flag in certbot-auto.
- Reverted a change made in a previous release to make the acme and
  certbot packages always depend on argparse. This dependency is
  conditional again on the user's Python version.
- Small bugs in the Nginx plugin such as properly handling empty
  server blocks and setting server_names_hash_bucket_size during
  challenges.
   2017-04-10 12:29:38 by Filip Hajny | Files touched by this commit (2)
Log message:
Fix stale and missing dependencies in py-acme and py-certbot. PKGREVISION++
   2017-04-06 21:51:15 by Filip Hajny | Files touched by this commit (3) | Package updated
Log message:
Update security/py-certbot and security/py-acme to 0.13.0.

0.13.0 - 2017-04-06

Added
- --debug-challenges pauses Certbot after setting up challenges for
  debugging.
- The Nginx parser can handle all valid directives in configuration
  files.
- Nginx ciphersuites changed to Mozilla Intermediate.
- certbot-auto --no-bootstrap won't install OS dependencies.

Fixed
- --register-unsafely-without-email respects --quiet.
- Hyphenated renewalparams are now saved in renewal config files.
- --dry-run no longer persists keys and csrs.
- No longer hangs when trying to start Nginx in Arch Linux.
- Apache rewrite rules no longer double-encode characters.

0.12.0 - 2017-03-02

Added
- Allow non-camelcase Apache VirtualHost names
- Allow more log messages to be silenced

Fixed
- Fix a regression around using --cert-name when getting new
  certificates
   2017-02-07 15:03:58 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
Updated py-certbot to 0.11.1.

No concise changelog found. ~30 bugs/issues fixed.