./security/py-certbot, Client for the Lets Encrypt CA

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.13.0, Package name: py38-certbot-1.13.0, Maintainer: adam

Certbot, previously the Let's Encrypt Client, is EFF's tool to
obtain certs from Let's Encrypt, and (optionally) autoenable HTTPS
on your server. It can also act as a client for any other CA that
uses the ACME protocol.


Required to run:
[devel/py-setuptools] [devel/py-ZopeInterface] [time/py-pytz] [time/py-parsedatetime] [devel/py-mock] [security/py-cryptography] [devel/py-ZopeComponent] [devel/py-configobj] [devel/py-configargparse] [time/py-rfc3339] [security/py-acme] [security/py-josepy] [lang/python37] [devel/py-distro]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 5f6d403e009ddeda3301d14493e237d8adbe3037
RMD160: 75c41784a894b9b158862a5166e6b5f5d80ec78f
Filesize: 383.948 KB

Version history: (Expand)


CVS history: (Expand)


   2021-03-06 14:34:25 by Adam Ciarcinski | Files touched by this commit (17) | Package updated
Log message:
py-acme py-certbot*: updated to 1.13.0

Certbot 1.13.0

Changed

CLI flags --os-packages-only, --no-self-upgrade, --no-bootstrap and \ 
--no-permissions-check,
which are related to certbot-auto, are deprecated and will be removed in a \ 
future release.
Certbot no longer conditionally depends on an external mock module. Certbot's
test API will continue to use it if it is available for backwards
compatibility, however, this behavior has been deprecated and will be removed
in a future release.
The acme library no longer depends on the security extras from requests
which was needed to support SNI in TLS requests when using old versions of
Python 2.
Certbot and all of its components no longer depend on the library six.
The update of certbot-auto itself is now disabled on all RHEL-like systems.
When revoking a certificate by --cert-name, it is no longer necessary to specify \ 
the --server
if the certificate was obtained from a non-default ACME server.
The nginx authenticator now configures all matching HTTP and HTTPS vhosts for \ 
the HTTP-01
challenge. It is now compatible with external HTTPS redirection by a CDN or load \ 
balancer.
   2021-02-09 11:06:43 by Adam Ciarcinski | Files touched by this commit (34) | Package updated
Log message:
py-acme py-certbot*: updated to 1.12.0

1.12.0

Changed

The --preferred-chain flag now only checks the Issuer Common Name of the topmost \ 
(closest to the root) certificate in the chain, instead of checking every \ 
certificate in the chain.
Support for Python 2 has been removed.
In previous releases, we caused certbot-auto to stop updating its Certbot \ 
installation. In this release, we are beginning to disable updates to the \ 
certbot-auto script itself. This release includes Amazon Linux users, and all \ 
other systems that are not based on Debian or RHEL. We plan to make this change \ 
to the certbot-auto script for all users in the coming months.

Fixed

Fixed the apache component on openSUSE Tumbleweed which no longer provides an \ 
apache2ctl symlink and uses apachectl instead.
Fixed a typo in certbot/crypto_util.py causing an error upon attempting \ 
secp521r1 key generation
   2021-01-14 15:21:51 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-acme py-certbot: updated to 1.11.0

Certbot 1.11.0

Changed

We deprecated support for Python 2 in Certbot and its ACME library.
Support for Python 2 will be removed in the next planned release of Certbot.
certbot-auto was deprecated on all systems. For more information about this
change, see
https://community.letsencrypt.org/t/cer … /139702/7.
We deprecated support for Apache 2.2 in the certbot-apache plugin and it will
be removed in a future release of Certbot.

Fixed

The Certbot snap no longer loads packages installed via pip install --user. This
was unintended and DNS plugins should be installed via snap instead.
certbot-dns-google would sometimes crash with HTTP 409/412 errors when used with \ 
very large zones.
certbot-dns-google would sometimes crash with an HTTP 412 error if preexisting \ 
records had an unexpected TTL, i.e.: different than Certbot's default TTL for \ 
this plugin.
More details about these changes can be found on our GitHub repo.
   2020-12-09 13:31:37 by Adam Ciarcinski | Files touched by this commit (18) | Package updated
Log message:
py-acme py-certbot*: updated to 1.10.1

1.10.1 - 2020-12-03

Fixed

Fixed a bug in certbot.util.add_deprecated_argument that caused the deprecated \ 
--manual-public-ip-logging-ok flag to crash Certbot in some scenarios.
More details about these changes can be found on our GitHub repo.

1.10.0 - 2020-12-01

Added

Added timeout to DNS query function calls for dns-rfc2136 plugin.
Confirmation when deleting certificates
CLI flag --key-type has been added to specify 'rsa' or 'ecdsa' (default 'rsa').
CLI flag --elliptic-curve has been added which takes an NIST/SECG elliptic \ 
curve. Any of secp256r1, secp384r1 and secp521r1 are accepted values.
The command certbot certficates lists the which type of the private key that was \ 
used for the private key.
Support for Python 3.9 was added to Certbot and all of its components.

Changed

certbot-auto was deprecated on Debian based systems.
CLI flag --manual-public-ip-logging-ok is now a no-op, generates a deprecation \ 
warning, and will be removed in a future release.

Fixed

Fixed a Unicode-related crash in the nginx plugin when running under Python 2.
   2020-10-18 20:45:03 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
py-acme py-certbot: updated to 1.9.0

Certbot 1.9.0

Added

--preconfigured-renewal flag, for packager use only.
See the packaging guide.

Changed

certbot-auto was deprecated on all systems except for those based on Debian or RHEL.
Update the packaging instructions to promote usage of python -m pytest to test \ 
Certbot
instead of the deprecated python setup.py test setuptools approach.
Reduced CLI logging when reloading nginx, if it is not running.
Reduced CLI logging when handling some kinds of errors.

Fixed

Fixed server_name case-sensitivity in the nginx plugin.
The minimum version of the acme library required by Certbot was corrected.
In the previous release, Certbot said it required acme>=1.6.0 when it
actually required acme>=1.8.0 to properly support removing contact
information from an ACME account.
Upgraded the version of httplib2 used in our snaps and Docker images to add
support for proxy environment variables and fix the plugin for Google Cloud
DNS.
   2020-09-30 11:03:47 by Adam Ciarcinski | Files touched by this commit (33) | Package updated
Log message:
py-acme py-certbot*: updated to 1.8.0

Certbot 1.8.0

Added
Added the ability to remove email and phone contact information from an account
using update_account --register-unsafely-without-email

Changed
Support for Python 3.5 has been removed.

Fixed
The problem causing the Apache plugin in the Certbot snap on ARM systems to
fail to load the Augeas library it depends on has been fixed.
The acme library can now tell the ACME server to clear contact information by \ 
passing an empty
tuple to the contact field of a Registration message.
Fixed the *** stack smashing detected *** error in the Certbot snap on some systems.
More details about these changes can be found on our GitHub repo.
   2020-09-01 01:07:07 by Thomas Klausner | Files touched by this commit (62)
Log message:
*: switch to versioned_dependencies.mk for py-setuptools
   2020-08-26 13:10:15 by Adam Ciarcinski | Files touched by this commit (18) | Package updated
Log message:
py-acme py-certbot*: updated to 1.7.0

Certbot 1.7.0

Added

Third-party plugins can be used without prefix (plugin_name instead of \ 
dist_name:plugin_name):
this concerns the plugin name, CLI flags, and keys in credential files.
The prefixed form is still supported but is deprecated, and will be removed in a \ 
future release.
Added --nginx-sleep-seconds (default 1) for environments where nginx takes a \ 
long time to reload.

Changed

The Linode DNS plugin now waits 120 seconds for DNS propagation, instead of 1200,
due to https://www.linode.com/blog/linode/linode-turns-17/
We deprecated support for Python 3.5 in Certbot and its ACME library.
Support for Python 3.5 will be removed in the next major release of Certbot.
More details about these changes can be found on our GitHub repo.