mirror of https://github.com/breard-r/acmed.git
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3.9 KiB
3.9 KiB
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
[Unreleased]
Added
- Hooks now have the optional
allow_failure
field.
Fixed
- The http-01-echo hook now correctly sets the file's access rights
[0.5.0] - 2019-05-09
Added
- ACMEd now displays a warning when the server indicates an error in an order or an authorization.
- A configuration file can now include several other files.
- Hooks have access to environment variables.
- In the configuration, the global section, certificates and domains can define environment variables for the hooks.
- tacd is now able to listen on a unix socket.
[0.4.0] - 2019-05-08
Added
- Man pages.
- The project can now be built and installed using
make
. - The post-operation hooks now have access to the
is_success
template variable. - Challenge hooks now have the
is_clean_hook
template variable. - An existing certificate will be renewed if more domains have been added in the configuration.
Changed
- Unknown configuration fields are no longer tolerated.
Removed
- In challenge hooks, the
algorithm
template variable has been removed.
Fixed
- In some cases, ACMEd was unable to parse a certificate's expiration date.
[0.3.0] - 2019-04-30
Added
- tacd, the TLS-ALPN-01 validation daemon.
- An account object has been added in the configuration.
- In the configuration, hooks now have a mandatory
type
variable. - It is now possible to declare hooks to clean after the challenge validation hooks.
- The CLI
--root-cert
option has been added. - Failure recovery: HTTPS requests rejected by the server that are recoverable, like the badNonce error, are now retried several times before being considered a hard failure.
- The TLS-ALPN-01 challenge is now supported. The proof is a string representation of the acmeIdentifier extension. The self-signed certificate itself has to be built by a hook.
Changed
- In the configuration, the
email
certificate field has been replaced by theaccount
field which matches an account object. - The format of the
domain
configuration variable has changed and now includes the challenge type. - The
token
challenge hook variable has been renamedfile_name
. - The
challenge_hooks
,post_operation_hooks
,file_pre_create_hooks
,file_post_create_hooks
,file_pre_edit_hooks
andfile_post_edit_hooks
certificate variables has been replaced byhooks
. - The logs has been purged from many useless debug and trace entries.
Removed
- The DER storage format has been removed.
- The
challenge
certificate variables has been removed.
[0.2.1] - 2019-03-30
Changed
- The bug that prevented from requesting more than two certificates has been fixed.
[0.2.0] - 2019-03-27
Added
- The
kp_reuse
flag allow to reuse a key pair instead of creating a new one at each renewal. - It is now possible to define hook groups that can reference either hooks or other hook groups.
- Hooks can be defined when before and after a file is created or edited (
file_pre_create_hooks
,file_post_create_hooks
,file_pre_edit_hooks
andfile_post_edit_hooks
). - It is now possible to send logs either to syslog or stderr using the
--to-syslog
and--to-stderr
arguments.
Changed
post_operation_hook
has been renamedpost_operation_hooks
.- By default, logs are now sent to syslog instead of stderr.
- The process is now daemonized by default. It is possible to still run it in the foreground using the
--foregroung
flag.