[Certbot-dev] Certbot 0.34.0 Release
Erica Portnoy
erica at eff.org
Wed May 1 15:40:59 PDT 2019
Certbot 0.34.0 was just released. The changelog for the release is:
## 0.34.0 - 2019-05-01
### Changed
* Apache plugin now tries to restart httpd on Fedora using systemctl if a
configuration test error is detected. This has to be done due to the way
Fedora now generates the self signed certificate files upon first
restart.
* Updated Certbot and its plugins to improve the handling of file system
permissions
on Windows as a step towards adding proper Windows support to Certbot.
* Updated urllib3 to 1.24.2 in certbot-auto.
* Removed the fallback introduced with 0.32.0 in `acme` to retry a
challenge response
with a `keyAuthorization` if sending the response without this field
caused a
`malformed` error to be received from the ACME server.
* Linode DNS plugin now supports api keys created from their new panel
at [cloud.linode.com](https://cloud.linode.com)
* Adding a warning noting that future versions of Certbot will
automatically configure the
webserver so that all requests redirect to secure HTTPS access. You
can control this
behavior and disable this warning with the --redirect and
--no-redirect flags.
* certbot-auto now prints warnings when run as root with insecure file
system
permissions. If you see these messages, you should fix the problem by
following the instructions at
https://community.letsencrypt.org/t/certbot-auto-deployment-best-practices/91979/,
however, these warnings can be disabled as necessary with the flag
--no-permissions-check.
* `acme` module uses now a POST-as-GET request to retrieve the registration
from an ACME v2 server
* Convert the tsig algorithm specified in the certbot_dns_rfc2136
configuration file to
all uppercase letters before validating. This makes the value in the
config case
insensitive.
Despite us having broken lockstep, we are continuing to release new
versions of
all Certbot components during releases for the time being, however, the only
package with changes other than its version number was:
* acme
* certbot
* certbot-apache
* certbot-dns-cloudflare
* certbot-dns-cloudxns
* certbot-dns-digitalocean
* certbot-dns-dnsimple
* certbot-dns-dnsmadeeasy
* certbot-dns-gehirn
* certbot-dns-google
* certbot-dns-linode
* certbot-dns-luadns
* certbot-dns-nsone
* certbot-dns-ovh
* certbot-dns-rfc2136
* certbot-dns-route53
* certbot-dns-sakuracloud
* certbot-nginx
More details about these changes can be found on our GitHub repo.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/certbot-dev/attachments/20190501/d6d5ea41/attachment.html>
More information about the Certbot-dev
mailing list