<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
Certbot 1.4.0 has just been released. The changelog entry for the
release is:<br>
<br>
## 1.4.0 - 2020-05-05<br>
<br>
### Added<br>
<br>
* Turn off session tickets for apache plugin by default when
appropriate.<br>
* Added serial number of certificate to the output of `certbot
certificates`<br>
* Expose two new environment variables in the authenticator and
cleanup scripts used by<br>
the `manual` plugin: `CERTBOT_REMAINING_CHALLENGES` is equal to
the number of challenges<br>
remaining after the current challenge, `CERTBOT_ALL_DOMAINS` is a
comma-separated list<br>
of all domains challenged for the current certificate.<br>
* Added TLS-ALPN-01 challenge support in the `acme` library. Support
of this<br>
challenge in the Certbot client is planned to be added in a future
release.<br>
* Added minimal proxy support for OCSP verification.<br>
* On Windows, hooks are now executed in a Powershell shell instead
of a CMD shell,<br>
allowing both `*.ps1` and `*.bat` as valid scripts for Certbot.<br>
<br>
### Changed<br>
<br>
* Reorganized error message when a user entered an invalid email
address.<br>
* Stop asking interactively if the user would like to add a
redirect.<br>
* `mock` dependency is now conditional on Python 2 in all of our
packages.<br>
* Deprecate certbot-auto on Gentoo, macOS, and FreeBSD.<br>
<br>
### Fixed<br>
<br>
* When using an RFC 8555 compliant endpoint, the `acme` library no
longer sends the<br>
`resource` field in any requests or the `type` field when
responding to challenges.<br>
* Fix nginx plugin crash when non-ASCII configuration file is being
read (instead,<br>
the user will be warned that UTF-8 must be used).<br>
* Fix hanging OCSP queries during revocation checking - added a 10
second timeout.<br>
* Standalone servers now have a default socket timeout of 30
seconds, fixing<br>
cases where an idle connection can cause the standalone plugin to
hang.<br>
* Parsing of the RFC 8555 application/pem-certificate-chain now
tolerates CRLF line<br>
endings. This should fix interoperability with Buypass' services.<br>
<br>
More details about these changes can be found on our GitHub repo.
</body>
</html>