<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Certbot 0.32.0 has just been released. The changelog for the release
is:<br>
<br>
## 0.32.0 - 2019-03-06<br>
<br>
### Added<br>
<br>
* If possible, Certbot uses built-in support for OCSP from recent
cryptography<br>
versions instead of the OpenSSL binary: as a consequence Certbot
does not need<br>
the OpenSSL binary to be installed anymore if cryptography>=2.5
is installed.<br>
<br>
### Changed<br>
<br>
* Certbot and its acme module now depend on josepy>=1.1.0 to
avoid printing the<br>
warnings described at <a class="moz-txt-link-freetext" href="https://github.com/certbot/josepy/issues/13">https://github.com/certbot/josepy/issues/13</a>.<br>
* Apache plugin now respects CERTBOT_DOCS environment variable when
adding<br>
command line defaults.<br>
* The running of manual plugin hooks is now always included in
Certbot's log<br>
output.<br>
* Tests execution for certbot, certbot-apache and certbot-nginx
packages now relies on pytest.<br>
* An ACME CA server may return a "Retry-After" HTTP header on
authorization polling, as<br>
specified in the ACME protocol, to indicate when the next polling
should occur. Certbot now<br>
reads this header if set and respect its value.<br>
* The `acme` module avoids sending the `keyAuthorization` field in
the JWS<br>
payload when responding to a challenge as the field is not
included in the<br>
current ACME protocol. To ease the migration path for ACME CA
servers,<br>
Certbot and its `acme` module will first try the request without
the<br>
`keyAuthorization` field but will temporarily retry the request
with the<br>
field included if a `malformed` error is received. This fallback
will be<br>
removed in version 0.34.0.<br>
<br>
Despite us having broken lockstep, we are continuing to release new
versions of<br>
all Certbot components during releases for the time being, however,
the only<br>
package with changes other than its version number was:<br>
<br>
* acme<br>
* certbot<br>
* certbot-apache<br>
* certbot-nginx<br>
<br>
More details about these changes can be found on our GitHub repo.
</body>
</html>