You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardexpand all lines: CHANGELOG.md
+49
Original file line number
Diff line number
Diff line change
@@ -1,5 +1,54 @@
1
1
# Changelog
2
2
3
+
## [0.4.0] - 2017-07-13
4
+
5
+
### Added:
6
+
- CLI: The `--http-timeout` switch. This allows for an override of the default client HTTP timeout.
7
+
- lib: The `HTTPClient` field. This allows for an override of the default HTTP timeout for library HTTP requests.
8
+
- CLI: The `--dns-timeout` switch. This allows for an override of the default DNS timeout for library DNS requests.
9
+
- lib: The `DNSTimeout` switch. This allows for an override of the default client DNS timeout.
10
+
- lib: The `QueryRegistration` function on `acme.Client`. This performs a POST on the client registration's URI and gets the updated registration info.
11
+
- lib: The `DeleteRegistration` function on `acme.Client`. This deletes the registration as currently configured in the client.
12
+
- lib: The `ObtainCertificateForCSR` function on `acme.Client`. The function allows to request a certificate for an already existing CSR.
13
+
- CLI: The `--csr` switch. Allows to use already existing CSRs for certificate requests on the command line.
14
+
- CLI: The `--pem` flag. This will change the certificate output so it outputs a .pem file concatanating the .key and .crt files together.
15
+
- CLI: The `--dns-resolvers` flag. Allows for users to override the default DNS servers used for recursive lookup.
16
+
- lib: Added a memcached provider for the HTTP challenge.
17
+
- CLI: The `--memcached-host` flag. This allows to use memcached for challenge storage.
18
+
- CLI: The `--must-staple` flag. This enables OCSP must staple in the generated CSR.
19
+
- lib: The library will now honor entries in your resolv.conf.
20
+
- lib: Added a field `IssuerCertificate` to the `CertificateResource` struct.
21
+
- lib: A new DNS provider for OVH.
22
+
- lib: A new DNS provider for DNSMadeEasy.
23
+
- lib: A new DNS provider for Linode.
24
+
- lib: A new DNS provider for AuroraDNS.
25
+
- lib: A new DNS provider for NS1.
26
+
- lib: A new DNS provider for Azure DNS.
27
+
- lib: A new DNS provider for Rackspace DNS.
28
+
- lib: A new DNS provider for Exoscale DNS.
29
+
- lib: A new DNS provider for DNSPod.
30
+
31
+
### Changed:
32
+
- lib: Exported the `PreCheckDNS` field so library users can manage the DNS check in tests.
33
+
- lib: The library will now skip challenge solving if a valid Authz already exists.
34
+
35
+
### Removed:
36
+
- lib: The library will no longer check for auto renewed certificates. This has been removed from the spec and is not supported in Boulder.
37
+
38
+
### Fixed:
39
+
- lib: Fix a problem with the Route53 provider where it was possible the verification was published to a private zone.
40
+
- lib: Loading an account from file should fail if a integral part is nil
41
+
- lib: Fix a potential issue where the Dyn provider could resolve to an incorrect zone.
42
+
- lib: If a registration encounteres a conflict, the old registration is now recovered.
43
+
- CLI: The account.json file no longer has the executable flag set.
44
+
- lib: Made the client registration more robust in case of a 403 HTTP response.
45
+
- lib: Fixed an issue with zone lookups when they have a CNAME in another zone.
46
+
- lib: Fixed the lookup for the authoritative zone for Google Cloud.
47
+
- lib: Fixed a race condition in the nonce store.
48
+
- lib: The Google Cloud provider now removes old entries before trying to add new ones.
49
+
- lib: Fixed a condition where we could stall due to an early error condition.
50
+
- lib: Fixed an issue where Authz object could end up in an active state after an error condition.
runRegister an account, then create and install a certificate
89
-
revokeRevoke a certificate
90
-
renewRenew a certificate
91
-
dnshelpShows additional help for the --dns global option
92
-
help, hShows a list of commands or help for one command
93
-
88
+
runRegister an account, then create and install a certificate
89
+
revokeRevoke a certificate
90
+
renewRenew a certificate
91
+
dnshelpShows additional help for the --dns global option
92
+
help, hShows a list of commands or help for one command
93
+
94
94
GLOBAL OPTIONS:
95
-
--domains, -d [--domains option --domains option] Add domains to the process
96
-
--csr, -c Certificate signing request filename, if an external CSR is to be used
97
-
--server, -s "https://acme-v01.api.letsencrypt.org/directory" CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client.
98
-
--email, -m Email used for registration and recovery contact.
99
-
--accept-tos, -a By setting this flag to true you indicate that you accept the current Let's Encrypt terms of service.
100
-
--key-type, -k "rsa2048" Key type to use for private keys. Supported: rsa2048, rsa4096, rsa8192, ec256, ec384
101
-
--path "${CWD}/.lego" Directory to use for storing the data
102
-
--exclude, -x [--exclude option --exclude option] Explicitly disallow solvers by name from being used. Solvers: "http-01", "tls-sni-01".
103
-
--webroot Set the webroot folder to use for HTTP based challenges to write directly in a file in .well-known/acme-challenge
104
-
--http Set the port and interface to use for HTTP based challenges to listen on. Supported: interface:port or :port
105
-
--tls Set the port and interface to use for TLS based challenges to listen on. Supported: interface:port or :port
106
-
--dns Solve a DNS challenge using the specified provider. Disables all other challenges. Run 'lego dnshelp' for help on usage.
107
-
--help, -h show help
108
-
--version, -v print the version
95
+
--domains value, -d value Add domains to the process
96
+
--csr value, -c value Certificate signing request filename, if an external CSR is to be used
97
+
--server value, -s value CA hostname (and optionally :port). The server certificate must be trusted in order to avoid further modifications to the client. (default: "https://acme-v01.api.letsencrypt.org/directory")
98
+
--email value, -m value Email used for registration and recovery contact.
99
+
--accept-tos, -a By setting this flag to true you indicate that you accept the current Let's Encrypt terms of service.
100
+
--key-type value, -k value Key type to use for private keys. Supported: rsa2048, rsa4096, rsa8192, ec256, ec384 (default: "rsa2048")
101
+
--path value Directory to use for storing the data (default: "/.lego")
102
+
--exclude value, -x value Explicitly disallow solvers by name from being used. Solvers: "http-01", "tls-sni-01".
103
+
--webroot value Set the webroot folder to use for HTTP based challenges to write directly in a file in .well-known/acme-challenge
104
+
--memcached-host value Set the memcached host(s) to use for HTTP based challenges. Challenges will be written to all specified hosts.
105
+
--http value Set the port and interface to use for HTTP based challenges to listen on. Supported: interface:port or :port
106
+
--tls value Set the port and interface to use for TLS based challenges to listen on. Supported: interface:port or :port
107
+
--dns value Solve a DNS challenge using the specified provider. Disables all other challenges. Run 'lego dnshelp' for help on usage.
108
+
--http-timeout value Set the HTTP timeout value to a specific value in seconds. The default is 10 seconds. (default: 0)
109
+
--dns-timeout value Set the DNS timeout value to a specific value in seconds. The default is 10 seconds. (default: 0)
110
+
--dns-resolvers value Set the resolvers to use for performing recursive DNS queries. Supported: host:port. The default is to use Google's DNS resolvers.
111
+
--pem Generate a .pem file by concatanating the .key and .crt files together.
0 commit comments