From erica at eff.org Tue May 5 14:53:06 2020 From: erica at eff.org (Erica Portnoy) Date: Tue, 5 May 2020 14:53:06 -0700 Subject: [Certbot-dev] Certbot 1.4.0 Release Message-ID: Certbot 1.4.0 has just been released. The changelog entry for the release is: ## 1.4.0 - 2020-05-05 ### Added * Turn off session tickets for apache plugin by default when appropriate. * Added serial number of certificate to the output of `certbot certificates` * Expose two new environment variables in the authenticator and cleanup scripts used by   the `manual` plugin: `CERTBOT_REMAINING_CHALLENGES` is equal to the number of challenges   remaining after the current challenge, `CERTBOT_ALL_DOMAINS` is a comma-separated list   of all domains challenged for the current certificate. * Added TLS-ALPN-01 challenge support in the `acme` library. Support of this   challenge in the Certbot client is planned to be added in a future release. * Added minimal proxy support for OCSP verification. * On Windows, hooks are now executed in a Powershell shell instead of a CMD shell,   allowing both `*.ps1` and `*.bat` as valid scripts for Certbot. ### Changed * Reorganized error message when a user entered an invalid email address. * Stop asking interactively if the user would like to add a redirect. * `mock` dependency is now conditional on Python 2 in all of our packages. * Deprecate certbot-auto on Gentoo, macOS, and FreeBSD. ### Fixed * When using an RFC 8555 compliant endpoint, the `acme` library no longer sends the   `resource` field in any requests or the `type` field when responding to challenges. * Fix nginx plugin crash when non-ASCII configuration file is being read (instead,   the user will be warned that UTF-8 must be used). * Fix hanging OCSP queries during revocation checking - added a 10 second timeout. * Standalone servers now have a default socket timeout of 30 seconds, fixing   cases where an idle connection can cause the standalone plugin to hang. * Parsing of the RFC 8555 application/pem-certificate-chain now tolerates CRLF line   endings. This should fix interoperability with Buypass' services. More details about these changes can be found on our GitHub repo. -------------- next part -------------- An HTML attachment was scrubbed... URL: