./security/py-certbot, Client for the Lets Encrypt CA

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.16.0, Package name: py38-certbot-1.16.0, Maintainer: adam

Certbot, previously the Let's Encrypt Client, is EFF's tool to
obtain certs from Let's Encrypt, and (optionally) autoenable HTTPS
on your server. It can also act as a client for any other CA that
uses the ACME protocol.


Required to run:
[devel/py-setuptools] [devel/py-ZopeInterface] [time/py-pytz] [time/py-parsedatetime] [devel/py-mock] [security/py-cryptography] [devel/py-ZopeComponent] [devel/py-configobj] [devel/py-configargparse] [time/py-rfc3339] [security/py-acme] [security/py-josepy] [lang/python37] [devel/py-distro]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 5982de3fffb6b956416f2829f54fccd79ece1135
RMD160: 8449a7caf23cb3a619b4b43b026a3110f9ca1073
Filesize: 388.937 KB

Version history: (Expand)


CVS history: (Expand)


   2021-06-14 14:15:41 by Adam Ciarcinski | Files touched by this commit (24) | Package updated
Log message:
py-acme py-certbot*: updated to 1.16.0

Certbot 1.16.0

Changed

DNS plugins based on lexicon now require dns-lexicon >= v3.1.0
Use UTF-8 encoding for renewal configuration files
Windows installer now cleans up old Certbot dependency packages
before installing the new ones to avoid version conflicts.
This release contains a substantial command-line UX overhaul,
based on previous user research. The main goal was to streamline
and clarify output. If you would like to see more verbose output, use
the -v or -vv flags. UX improvements are an iterative process and
the Certbot team welcomes constructive feedback.
Functions certbot.crypto_util.init_save_key and certbot.crypto_util.init_save_csr,
whose behaviors rely on the global Certbot config singleton, are deprecated and will
be removed in a future release. Please use certbot.crypto_util.generate_key and
certbot.crypto_util.generate_csr instead.

Fixed

Fix TypeError due to incompatibility with lexicon >= v3.6.0
Installers (e.g. nginx, Apache) were being restarted unnecessarily after dry-run \ 
renewals.
Colors and bold text should properly render in all supported versions of Windows.
   2021-05-14 10:24:08 by Adam Ciarcinski | Files touched by this commit (17) | Package updated
Log message:
py-acme py-certbot*: updated to 1.15.0

1.15.0 - 2021-05-04
More details about these changes can be found on our GitHub repo.
   2021-04-15 07:16:37 by Adam Ciarcinski | Files touched by this commit (18) | Package updated
Log message:
py-acme py-certbot*: updated to 1.14.0

Certbot 1.14.0

Changed

certbot-auto no longer checks for updates on any operating system.
The module acme.magic_typing is deprecated and will be removed in a future release.
Please use the built-in module typing instead.
The DigitalOcean plugin now creates TXT records for the DNS-01 challenge with a \ 
lower 30s TTL.

Fixed

Don't output an empty line for a hidden certificate when certbot certificates is \ 
being used
in combination with --cert-name or -d.
   2021-03-06 14:34:25 by Adam Ciarcinski | Files touched by this commit (17) | Package updated
Log message:
py-acme py-certbot*: updated to 1.13.0

Certbot 1.13.0

Changed

CLI flags --os-packages-only, --no-self-upgrade, --no-bootstrap and \ 
--no-permissions-check,
which are related to certbot-auto, are deprecated and will be removed in a \ 
future release.
Certbot no longer conditionally depends on an external mock module. Certbot's
test API will continue to use it if it is available for backwards
compatibility, however, this behavior has been deprecated and will be removed
in a future release.
The acme library no longer depends on the security extras from requests
which was needed to support SNI in TLS requests when using old versions of
Python 2.
Certbot and all of its components no longer depend on the library six.
The update of certbot-auto itself is now disabled on all RHEL-like systems.
When revoking a certificate by --cert-name, it is no longer necessary to specify \ 
the --server
if the certificate was obtained from a non-default ACME server.
The nginx authenticator now configures all matching HTTP and HTTPS vhosts for \ 
the HTTP-01
challenge. It is now compatible with external HTTPS redirection by a CDN or load \ 
balancer.
   2021-02-09 11:06:43 by Adam Ciarcinski | Files touched by this commit (34) | Package updated
Log message:
py-acme py-certbot*: updated to 1.12.0

1.12.0

Changed

The --preferred-chain flag now only checks the Issuer Common Name of the topmost \ 
(closest to the root) certificate in the chain, instead of checking every \ 
certificate in the chain.
Support for Python 2 has been removed.
In previous releases, we caused certbot-auto to stop updating its Certbot \ 
installation. In this release, we are beginning to disable updates to the \ 
certbot-auto script itself. This release includes Amazon Linux users, and all \ 
other systems that are not based on Debian or RHEL. We plan to make this change \ 
to the certbot-auto script for all users in the coming months.

Fixed

Fixed the apache component on openSUSE Tumbleweed which no longer provides an \ 
apache2ctl symlink and uses apachectl instead.
Fixed a typo in certbot/crypto_util.py causing an error upon attempting \ 
secp521r1 key generation
   2021-01-14 15:21:51 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-acme py-certbot: updated to 1.11.0

Certbot 1.11.0

Changed

We deprecated support for Python 2 in Certbot and its ACME library.
Support for Python 2 will be removed in the next planned release of Certbot.
certbot-auto was deprecated on all systems. For more information about this
change, see
https://community.letsencrypt.org/t/cer … /139702/7.
We deprecated support for Apache 2.2 in the certbot-apache plugin and it will
be removed in a future release of Certbot.

Fixed

The Certbot snap no longer loads packages installed via pip install --user. This
was unintended and DNS plugins should be installed via snap instead.
certbot-dns-google would sometimes crash with HTTP 409/412 errors when used with \ 
very large zones.
certbot-dns-google would sometimes crash with an HTTP 412 error if preexisting \ 
records had an unexpected TTL, i.e.: different than Certbot's default TTL for \ 
this plugin.
More details about these changes can be found on our GitHub repo.
   2020-12-09 13:31:37 by Adam Ciarcinski | Files touched by this commit (18) | Package updated
Log message:
py-acme py-certbot*: updated to 1.10.1

1.10.1 - 2020-12-03

Fixed

Fixed a bug in certbot.util.add_deprecated_argument that caused the deprecated \ 
--manual-public-ip-logging-ok flag to crash Certbot in some scenarios.
More details about these changes can be found on our GitHub repo.

1.10.0 - 2020-12-01

Added

Added timeout to DNS query function calls for dns-rfc2136 plugin.
Confirmation when deleting certificates
CLI flag --key-type has been added to specify 'rsa' or 'ecdsa' (default 'rsa').
CLI flag --elliptic-curve has been added which takes an NIST/SECG elliptic \ 
curve. Any of secp256r1, secp384r1 and secp521r1 are accepted values.
The command certbot certficates lists the which type of the private key that was \ 
used for the private key.
Support for Python 3.9 was added to Certbot and all of its components.

Changed

certbot-auto was deprecated on Debian based systems.
CLI flag --manual-public-ip-logging-ok is now a no-op, generates a deprecation \ 
warning, and will be removed in a future release.

Fixed

Fixed a Unicode-related crash in the nginx plugin when running under Python 2.
   2020-10-18 20:45:03 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
py-acme py-certbot: updated to 1.9.0

Certbot 1.9.0

Added

--preconfigured-renewal flag, for packager use only.
See the packaging guide.

Changed

certbot-auto was deprecated on all systems except for those based on Debian or RHEL.
Update the packaging instructions to promote usage of python -m pytest to test \ 
Certbot
instead of the deprecated python setup.py test setuptools approach.
Reduced CLI logging when reloading nginx, if it is not running.
Reduced CLI logging when handling some kinds of errors.

Fixed

Fixed server_name case-sensitivity in the nginx plugin.
The minimum version of the acme library required by Certbot was corrected.
In the previous release, Certbot said it required acme>=1.6.0 when it
actually required acme>=1.8.0 to properly support removing contact
information from an ACME account.
Upgraded the version of httplib2 used in our snaps and Docker images to add
support for proxy environment variables and fix the plugin for Google Cloud
DNS.