[Certbot-dev] Version 0.17.0 has been released

Brad Warren bmw at eff.org
Wed Aug 2 12:11:49 PDT 2017

The changelog is:

### Added

* Support in our nginx plugin for modifying SSL server blocks that do
not contain certificate or key directives.
* A `--max-log-backups` flag to allow users to configure or even
completely disable Certbot's built in log rotation.
* A `--user-agent-comment` flag to allow people who build tools around
Certbot to differentiate their user agent string by adding a comment to
its default value.

### Changed

* Due to some awesome work by [cryptography
project](https://github.com/pyca/cryptography), compilation can now be
avoided on most systems when using certbot-auto. This eliminates many
problems people have had in the past such as running out of memory,
having invalid headers/libraries, and changes to the OS packages on
their system after compilation breaking Certbot.
* The `--renew-hook` flag has been hidden in favor of `--deploy-hook`.
This new flag works exactly the same way except it is always run when a
certificate is issued rather than just when it is renewed.
* We have started printing deprecation warnings in certbot-auto for
experimentally supported systems with OS packages available.
* A certificate lineage's name is included in error messages during renewal.

### Fixed

* Encoding errors that could occur when parsing error messages from the
ACME server containing Unicode have been resolved.
* certbot-auto no longer prints misleading messages about there being a
newer pip version available when installation fails.
* Certbot's ACME library now properly extracts domains from critical SAN

More details about these changes can be found on our GitHub repo:

More information about the Certbot-dev mailing list