2025-01-11 - 2026-01-11
Overview
1 Release published by 1 user
906 Issues closed from 1 user
Closed
#977 [PR #972] [CLOSED] Don't allow CDN's to send cached responses
Closed
#978 [PR #966] [CLOSED] check for existence of ocsp responder if OCSP_FETCH="yes" is set
Closed
#976 [PR #964] [CLOSED] Add --acme-profile option to specify ACME profile in README.md
Closed
#972 [PR #956] [CLOSED] implemented certificate profile selection (draft-aaron-acme-profiles-00)
Closed
#971 [PR #952] [CLOSED] Correct indentation of visible output
Closed
#967 [PR #940] [CLOSED] Disable warning when reading CSRs from stdin.
Closed
#968 [PR #936] [CLOSED] Update dehydrated repo urls in man page
Closed
#969 [PR #944] [CLOSED] Add support for Google Trust Services.
Closed
#962 [PR #929] [CLOSED] Suppress openssl warning about reading from stdin.
Closed
#963 [PR #928] [CLOSED] Retry deploy_cert on later dehydrated runs.
Closed
#957 [PR #923] [CLOSED] Ignore output of 'openssl req -verify'.
Closed
#958 [PR #893] [CLOSED] Provide examples for running under SystemD
Closed
#959 [PR #925] [CLOSED] Update repo url in man1 page
Closed
#960 [PR #915] [CLOSED] Proxy-option for openssl-ocsp stapling
Closed
#956 [PR #885] [CLOSED] Replace "egrep" with "grep -E"
Closed
#955 [PR #890] [CLOSED] egrep -> grep -E
Closed
#952 [PR #875] [CLOSED] improve man page based on feedback from debian-l10n-english (#873)
Closed
#953 [PR #877] [CLOSED] Add check for head/tail
Closed
#954 [PR #878] [CLOSED] Add missing checks and fix hexdump output
Closed
#947 [PR #861] [CLOSED] doc: replace unknown ecdsa algorithm reference
Closed
#948 [PR #866] [CLOSED] Replace all escaped slashes in json strings
Closed
#950 [PR #868] [CLOSED] egrep is deprecated
Closed
#951 [PR #871] [CLOSED] Update to 0.7.0
Closed
#942 [PR #840] [CLOSED] Better handling around grep/awk
Closed
#943 [PR #841] [CLOSED] Use consistent indent in hook.sh
Closed
#944 [PR #846] [CLOSED] Fix command_version on Darwin/macOS 11
Closed
#945 [PR #847] [CLOSED] Fix hook based challenges if the same domain appears twice or more
Closed
#946 [PR #848] [CLOSED] Make CHALLENGETYPE available in Hook.
Closed
#938 [PR #812] [CLOSED] Update staging.md to use ACMEv2 server
Closed
#939 [PR #815] [CLOSED] ensure newline before new section in openssl.cnf
Closed
#941 [PR #829] [CLOSED] Remove debug echo in command_cleanup()
Closed
#935 [PR #810] [CLOSED] Support reading domains from drop-in snippets in domains.txt.d
Closed
#936 [PR #809] [CLOSED] Acme update
Closed
#937 [PR #811] [CLOSED] Add more examples to show case how to create certs
Closed
#932 [PR #798] [CLOSED] Per-certificate config fixes
Closed
#933 [PR #803] [CLOSED] Updating nonce handler for newer versions of F5
Closed
#934 [PR #804] [MERGED] document using -t tls-alpn-01 with lighttpd
Closed
#929 [PR #795] [CLOSED] Support for LibreSSL version of openssl on macOS
Closed
#930 [PR #797] [CLOSED] add -t tls-alpn-01 to command line help
Closed
#931 [PR #796] [CLOSED] Support for LibreSSL version of openssl on macOS
Closed
#924 [PR #784] [CLOSED] Fix OCSP_FETCH with libressl
Closed
#926 [PR #788] [CLOSED] force-renew certificates when switching ACME providers
Closed
#927 [PR #791] [CLOSED] fix parsing cert-specific config
Closed
#928 [PR #790] [CLOSED] fix parsing certificate-specific config
Closed
#922 [PR #780] [CLOSED] Support secp521r1 keys
Closed
#923 [PR #766] [CLOSED] add --show-terms to display the URL for the current ToS
Closed
#925 [PR #773] [CLOSED] Merging from base repo
Closed
#919 [PR #760] [CLOSED] implement account deactivation through --deactivate parameter
Closed
#921 [PR #765] [MERGED] fix OS name detection
Closed
#917 [PR #759] [CLOSED] Support DigiCert ACMEv2 API behaviour
Closed
#918 [PR #764] [CLOSED] add more CA presets
Closed
#920 [PR #761] [CLOSED] Replace \s with [[:space:]] for compatibility
Closed
#914 [PR #748] [CLOSED] Fix #747 by enabling keep-going by default, add --abort-on-error
Closed
#915 [PR #741] [CLOSED] Fix typo in comment
Closed
#916 [PR #754] [CLOSED] Fix #753: make alpn certificated and key group readable
Closed
#912 [PR #745] [CLOSED] removed tmp file in 'generate_alpn_certificate' function
Closed
#913 [PR #758] [CLOSED] sudo: fix for #665 and avoid silent failure on error
Closed
#907 [PR #727] [MERGED] Fix account URL
Closed
#908 [PR #739] [CLOSED] Fix for issue #738 - support DigiCert ACMEv2 API behaviour
Closed
#909 [PR #735] [CLOSED] Fix tls-alpn-01 configuration example
Closed
#910 [PR #728] [CLOSED] Don't assume order status to be valid, retry if needed
Closed
#911 [PR #740] [CLOSED] doc/examples/hook.sh typo fix
Closed
#906 [PR #725] [CLOSED] Fix typo "implicitly"
Closed
#902 [PR #722] [CLOSED] Add mark release
Closed
#903 [PR #721] [CLOSED] Add mark release
Closed
#904 [PR #718] [CLOSED] Fix curl check regression and simplify
Closed
#905 [PR #726] [MERGED] Fix challenge response POST body in ACMEv2
Closed
#897 [PR #700] [CLOSED] fetching original updates
Closed
#898 [PR #693] [CLOSED] docs: use service instead of systemctl in the examples
Closed
#899 [PR #712] [CLOSED] OSCP instead of OCSP if file still valid
Closed
#900 [PR #704] [CLOSED] Get OS from /etc/os-version instead of /etc/issue
Closed
#901 [PR #716] [CLOSED] Check for openssl/awk/sed and all are executable
Closed
#896 [PR #685] [CLOSED] Fix link in dns-verification.md
Closed
#892 [PR #669] [CLOSED] changing how we fetch the account id from the Location
Closed
#893 [PR #675] [CLOSED] FIX dns-01 domain + wildcard walidation (#674)
Closed
#894 [PR #682] [CLOSED] just a missing quote
Closed
#895 [PR #679] [CLOSED] Add missing " in hook example
Closed
#891 [PR #666] [CLOSED] Only check existing certs when necessary
Closed
#887 [PR #656] [CLOSED] libressl compability for ocsp_fetch
Closed
#889 [PR #663] [CLOSED] Fix all ShellCheck errors and warnings
Closed
#890 [PR #667] [CLOSED] cleanup: also do cleanup if symlink is broken
Closed
#883 [PR #642] [CLOSED] Split long lines in domain.txt
Closed
#884 [PR #637] [CLOSED] Default BASEDIR to /etc if installed to /usr/bin
Closed
#885 [PR #648] [CLOSED] fetch missing id
Closed
#886 [PR #640] [CLOSED] added wiki link to readme
Closed
#881 [PR #635] [CLOSED] Add --single to only process a single line of domains.txt
Closed
#882 [PR #639] [CLOSED] Wait if order status is processing
Closed
#877 [PR #618] [CLOSED] require only basic RE of sed(1) and no POSIX character classes
Closed
#878 [PR #619] [CLOSED] support running on MirBSD
Closed
#879 [PR #632] [CLOSED] x
Closed
#880 [PR #620] [CLOSED] improve intro documentation
Closed
#872 [PR #611] [CLOSED] Defer verification of domain-specific config options for --cron
Closed
#873 [PR #613] [CLOSED] Add sleep timer for dns-01 challenges
Closed
#874 [PR #617] [CLOSED] support mksh as executing shell
Closed
#875 [PR #616] [CLOSED] export HOOK_CHAIN when calling HOOK
Closed
#876 [PR #614] [CLOSED] per-certificate-config can override PRIVATE_KEY_ROLLOVER var
Closed
#869 [PR #609] [CLOSED] Ensure files are written to disk before symlink
Closed
#870 [PR #592] [CLOSED] Delete CHANGELOG
Closed
#871 [PR #602] [CLOSED] allow setting OCSP_FETCH and OCSP_DAYS per certificate config
Closed
#867 [PR #593] [CLOSED] Add support for non-decimal integer account ID
Closed
#868 [PR #587] [CLOSED] adding new CLI Command (--cleanupdelete / -gcd)
Closed
#862 [PR #560] [CLOSED] Fixes #559 : grep ignore case for HTTP headers
Closed
#863 [PR #553] [CLOSED] Move hook challenge deployment into loop
Closed
#864 [PR #557] [CLOSED] New hook to be called before challenge validation
Closed
#865 [PR #574] [CLOSED] Adds keep_going parameter to example config file
Closed
#866 [PR #582] [CLOSED] issue #575
Closed
#857 [PR #532] [CLOSED] Removed HOOK_CHAIN if condition for hooks request_failure and invalid…
Closed
#859 [PR #541] [CLOSED] Fix small typo in README.md
Closed
#860 [PR #538] [CLOSED] deploy_ocsp timestamp parameter in example hook file is wrong
Closed
#861 [PR #543] [CLOSED] Update logo to better quality
Closed
#856 [PR #517] [CLOSED] fix date in man page
Closed
#858 [PR #531] [CLOSED] Removed HOOK_CHAIN if condition preventing execution of hooks with HO…
Closed
#852 [PR #502] [CLOSED] Improve documentation on wildcards
Closed
#853 [PR #514] [CLOSED] Add ocsp_update hook
Closed
#854 [PR #512] [CLOSED] add example for wildcard entry
Closed
#855 [PR #529] [CLOSED] added fullkeyandchain.pem support
Closed
#847 [PR #473] [MERGED] Fix globbing of CONFIG_D *.sh files
Closed
#848 [PR #471] [CLOSED] Devops 1328 new certs
Closed
#849 [PR #482] [CLOSED] Include name of script when exiting on a fatal error (fixes #481)
Closed
#850 [PR #485] [CLOSED] fixed "sed: invalid option -- 'E'"
Closed
#851 [PR #472] [CLOSED] Add example hook script for Gitlab pages
Closed
#846 [PR #469] [CLOSED] Add ^~ to nginx location block
Closed
#842 [PR #463] [CLOSED] --domain param accepts filename to change domains.txt
Closed
#843 [PR #464] [CLOSED] Acme v02 api support
Closed
#844 [PR #466] [CLOSED] Fix grammer error in the manpage
Closed
#845 [PR #467] [CLOSED] openssl: do not use -out when generating private keys
Closed
#840 [PR #453] [CLOSED] retry post if 500 and echo warning to stdout
Closed
#841 [PR #457] [CLOSED] be more verbose on OCSP stapling file updates
Closed
#837 [PR #444] [CLOSED] fix ocsp.der symlink
Closed
#838 [PR #456] [CLOSED] Update wellknown.md
Closed
#839 [PR #446] [MERGED] fix --account command backup file path generation
Closed
#834 [PR #443] [CLOSED] #396 alias take 2
Closed
#836 [PR #437] [CLOSED] Restart nginx after certification
Closed
#832 [PR #435] [CLOSED] Add man page
Closed
#833 [PR #436] [CLOSED] #108 --check
Closed
#835 [PR #438] [CLOSED] replace backticks on errtxt
Closed
#828 [PR #412] [CLOSED] add host for OCSP request
Closed
#829 [PR #434] [CLOSED] Add optional user and group configuration
Closed
#830 [PR #424] [CLOSED] configurable OPENSSL variable for each certificate.
Closed
#831 [PR #429] [CLOSED] fix issue #426 - version info on FreeBSD
Closed
#826 [PR #406] [CLOSED] Add some comments about IPv6.
Closed
#827 [PR #417] [CLOSED] Added hardlink support, changed spacing in help
Closed
#823 [PR #394] [CLOSED] Support older bash releases
Closed
#824 [PR #401] [CLOSED] Add some formatting to improve human scannability (while reading)
Closed
#825 [PR #400] [CLOSED] add cert alias, fixing #396
Closed
#820 [PR #388] [CLOSED] Added new feature Update registration contact #239
Closed
#822 [PR #395] [CLOSED] Ability to provide extra curl options
Closed
#817 [PR #381] [CLOSED] Error logging
Closed
#819 [PR #393] [CLOSED] Allow to use a different openssl binary than system default openssl
Closed
#821 [PR #386] [CLOSED] DNS-01 challenge response only after DNS propagation
Closed
#818 [PR #377] [CLOSED] use existing CSR in cron mode.
Closed
#812 [PR #362] [CLOSED] Update to allow for post-deploy commands
Closed
#813 [PR #364] [CLOSED] Support for storing challenge to a file
Closed
#814 [PR #367] [CLOSED] Enable alternate domain file location
Closed
#815 [PR #369] [CLOSED] Fix typos
Closed
#816 [PR #373] [CLOSED] Add MSYS support
Closed
#809 [PR #352] [CLOSED] Add "command_version" to display current version with --version or -v
Closed
#810 [PR #357] [CLOSED] dont strip when cwd is /
Closed
#811 [PR #361] [CLOSED] Update contact of account
Closed
#803 [PR #339] [CLOSED] Debianized
Closed
#806 [PR #336] [CLOSED] per issue #335, updating documentation with slight change to config file
Closed
#807 [PR #354] [CLOSED] Support dynamic domains list
Closed
#808 [PR #350] [CLOSED] Don't require WELLKNOWN for register command
Closed
#802 [PR #327] [CLOSED] Update domains_txt.md
Closed
#804 [PR #349] [MERGED] The example hook script uses bash test regex
Closed
#805 [PR #343] [CLOSED] Changed a fatal to non-fatal to be able to continue parsing domains.t…
Closed
#800 [PR #325] [CLOSED] Fix: bash to sh notation on invalid_challenge() hook
Closed
#801 [PR #326] [MERGED] Adding the request_failure hook
Closed
#797 [PR #311] [CLOSED] Fixing "$1 not set" for HANDLER var
Closed
#798 [PR #319] [MERGED] Minor Grammar Stuff
Closed
#799 [PR #321] [MERGED] Test for case when challenge_altnames is empty
Closed
#792 [PR #294] [MERGED] Basic implementation for private key rollover
Closed
#793 [PR #298] [CLOSED] Keep code quality high with shellcheck
Closed
#794 [PR #301] [MERGED] Hint on how to set config options
Closed
#795 [PR #300] [MERGED] examples/hook: no bashism
Closed
#796 [PR #299] [MERGED] fix lighttpd syntax
Closed
#790 [PR #292] [CLOSED] Dockerfile: Add Docker support
Closed
#791 [PR #293] [MERGED] Skip challenge for already validated domains
Closed
#788 [PR #287] [MERGED] Add new parameter --lock-suffix.
Closed
#789 [PR #291] [CLOSED] Output in PKCS#12 format
Closed
#787 [PR #289] [CLOSED] * Add debian package scripts
Closed
#785 [PR #283] [CLOSED] Fix request new certificate if authorization valid
Closed
#786 [PR #286] [CLOSED] Create Alpine based Dockerfile
Closed
#782 [PR #277] [CLOSED] add --create-dirs flag
Closed
#783 [PR #278] [MERGED] Adding the invalid_challenge hook
Closed
#784 [PR #280] [CLOSED] fix some README typos
Closed
#777 [PR #265] [CLOSED] changes to process
Closed
#778 [PR #266] [CLOSED] Fix config logic for revoke command.
Closed
#779 [PR #264] [CLOSED] filter commonName
Closed
#780 [PR #269] [CLOSED] Adding the invalid_challenge and request_failure hooks
Closed
#781 [PR #272] [CLOSED] Debian packaging for dehydrated
Closed
#776 [PR #261] [CLOSED] Retry invalid challenge responses, set number of retries to NUMBER
Closed
#772 [PR #260] [MERGED] ECDSA is supported since February 10, 2016
Closed
#773 [PR #256] [CLOSED] Merge from lukas2511/master
Closed
#774 [PR #259] [MERGED] Update staging doc
Closed
#775 [PR #262] [CLOSED] Retry invalid challenge responses, limit retries to 5.
Closed
#768 [PR #247] [CLOSED] Update staging.md
Closed
#769 [PR #251] [CLOSED] Update missing config message
Closed
#770 [PR #254] [MERGED] Fix default license help text in example config
Closed
#771 [PR #253] [MERGED] Make example hook.sh file executable.
Closed
#767 [PR #244] [CLOSED] Make umask a bit less paranoid
Closed
#763 [PR #226] [CLOSED] Fetch WELLKNOWN from environment if available
Closed
#764 [PR #228] [CLOSED] added wait time for the locking mechanism
Closed
#765 [PR #242] [MERGED] Introduce per cert configuration directory DOMAINS_D
Closed
#766 [PR #231] [MERGED] Added option to select IP version of name to address resolution
Closed
#758 [PR #219] [CLOSED] make dependency check work for non-gnu diff
Closed
#762 [PR #225] [CLOSED] Fix domain name check from certificate.
Closed
#757 [PR #218] [CLOSED] letsencrypt.sh#217: FreeBSD sed doesn't parse challenges properly
Closed
#759 [PR #223] [CLOSED] fix mktemp arg quoting
Closed
#760 [PR #222] [CLOSED] Fixed the Nginx example
Closed
#761 [PR #224] [MERGED] Add Lighttpd example to wellknown.md
Closed
#752 [PR #202] [CLOSED] Fix issues on 2016-05-18. Remove new lines from json response.
Closed
#753 [PR #210] [MERGED] Make certificate output location configurable
Closed
#754 [PR #204] [MERGED] Make location of domains.txt configurable
Closed
#755 [PR #211] [MERGED] Check that the detected config is a file
Closed
#756 [PR #214] [MERGED] Include method and URL in curl error
Closed
#750 [PR #188] [CLOSED] start of python hook example
Closed
#751 [PR #200] [CLOSED] Adding --testCA for testing on Let's Encrypt staging API
Closed
#747 [PR #184] [MERGED] wellknown.md: Clarify WELLKNOWN variable
Closed
#748 [PR #179] [CLOSED] Configuration stubs and validation hooks for use on QNAP devices
Closed
#749 [PR #201] [MERGED] Update wellknown.md
Closed
#744 [PR #173] [CLOSED] Using alias instead of root in cases where root does not work
Closed
#745 [PR #174] [CLOSED] Adding the ability to build a Debian package
Closed
#746 [PR #177] [CLOSED] add hook-example howto convert certs to java keystore file
Closed
#743 [PR #172] [MERGED] Keep registration information as json.
Closed
#742 [PR #169] [CLOSED] Make temp files identifiable and remove unnecessary eval
Closed
#741 [PR #165] [MERGED] Use of 'grep -o' doesn't work on SunOS (fixes #164)
Closed
#737 [PR #159] [MERGED] [doc] Update README.md
Closed
#738 [PR #156] [CLOSED] pass timestamp and key_algo to deploy hook
Closed
#739 [PR #157] [MERGED] Add hook for unchanged certificates.
Closed
#740 [PR #167] [MERGED] Example of DNS record
Closed
#732 [PR #144] [MERGED] Pass intermediate cert to hook script
Closed
#733 [PR #146] [CLOSED] Make path to openssl binary configurable.
Closed
#734 [PR #151] [MERGED] allow spaces in path to additional configuration file
Closed
#735 [PR #148] [CLOSED] New hook deploy_certs which calls once after all certificates is issued.
Closed
#736 [PR #155] [CLOSED] Add support for --keep-going in cron mode
Closed
#728 [PR #137] [CLOSED] load config in cleanup function
Closed
#729 [PR #141] [MERGED] Handle case where no files to cleanup exist.
Closed
#730 [PR #143] [MERGED] Use /usr/bin/env bash shebang
Closed
#731 [PR #139] [MERGED] Skip non-folder entries on cleanup.
Closed
#727 [PR #140] [CLOSED] Add RPM spec for CentOS
Closed
#722 [PR #115] [CLOSED] Check all certificate expiration dates
Closed
#723 [PR #118] [MERGED] Added LOCKFILE to config.sh.example
Closed
#724 [PR #133] [CLOSED] check if curl is able to reach letsencrypt via http and https.
Closed
#725 [PR #136] [CLOSED] merge letsencrypt.sh
Closed
#726 [PR #135] [MERGED] Updated Readme with rate limit warning + staging URL
Closed
#717 [PR #110] [CLOSED] read domains into temporary file and array to allow stdin to function…
Closed
#720 [PR #113] [MERGED] pass IO descriptors to HOOK transparently
Closed
#721 [PR #114] [CLOSED] Add option to chain challenge hook arguments. Fixes #79.
Closed
#718 [PR #109] [CLOSED] Make letsencrypt.sh zsh-compatible
Closed
#719 [PR #111] [MERGED] The dns-01 support is now available in production
Closed
#713 [PR #103] [MERGED] Retain full result when submitting challenge. Fixes #102
Closed
#714 [PR #107] [MERGED] Add hook script example.
Closed
#715 [PR #106] [CLOSED] Fix issue 101
Closed
#716 [PR #100] [MERGED] Add detail as to how dns-01 hook works
Closed
#710 [PR #98] [MERGED] Respect configured BASEDIR for default values
Closed
#712 [PR #99] [MERGED] Add conf.d support
Closed
#707 [PR #95] [MERGED] Add ability to sign "arbitrary" CSRs
Closed
#708 [PR #88] [MERGED] I's are important
Closed
#709 [PR #89] [MERGED] add support for Elliptic Curve Cryptography (ECC)
Closed
#711 [PR #97] [MERGED] Fix possibly broken syntax highlighting
Closed
#706 [PR #86] [MERGED] Check if directory for LOCKFILE is writable.
Closed
#702 [PR #81] [MERGED] Remove home path from config.sh.example
Closed
#703 [PR #80] [CLOSED] Add cleanup command to delete old files
Closed
#704 [PR #82] [MERGED] Require $WELLKNOWN only when using http-01.
Closed
#705 [PR #85] [MERGED] Added missing space before exit code.
Closed
#698 [PR #76] [MERGED] make hook a command line parameter
Closed
#699 [PR #78] [CLOSED] fix bug #60 - problem with tab and multiple spaces in domain.txt
Closed
#701 [PR #73] [CLOSED] Also concatenate privkey.pem and cert.pem to to privcert.pem. This is needed for e.g. pure-ftpd
Closed
#697 [PR #75] [CLOSED] add support for dns-01 challenge
Closed
#700 [PR #77] [MERGED] add support for dns-01 challenge - try 2
Closed
#692 [PR #65] [CLOSED] Update README.md: Remove unnecessary the
Closed
#693 [PR #64] [CLOSED] better use grep -q insted of output redirection
Closed
#694 [PR #68] [MERGED] Renew certificate 30 days before expiration
Closed
#695 [PR #71] [MERGED] Changed shebang of import-certs.sh to #!/usr/bin/env bash
Closed
#696 [PR #69] [MERGED] fix typo in test.sh (ngrok not found)
Closed
#687 [PR #56] [CLOSED] add perl shebang
Closed
#690 [PR #58] [CLOSED] Added WELLKNOWN Apache 2.4 example
Closed
#691 [PR #61] [CLOSED] Added nginx.conf.example
Closed
#688 [PR #59] [MERGED] when using printf, we do not need inline expansion of variables
Closed
#689 [PR #62] [CLOSED] Tiny tidy up commits
Closed
#683 [PR #53] [CLOSED] two revoke fixes
Closed
#684 [PR #52] [CLOSED] replace pcre-ism with posix class
Closed
#685 [PR #55] [CLOSED] force a renew if given domain name(s) don't match the domain name(s) …
Closed
#686 [PR #54] [MERGED] fix: --domain/-d is a parameter and not a command!
Closed
#682 [PR #49] [MERGED] remove command --sign in favor of two parameters "--force" and "--domain"
Closed
#677 [PR #39] [CLOSED] remove --sign in favor of two options "--force" and "--domain"
Closed
#678 [PR #37] [MERGED] fix logic if private key is specified via command line option
Closed
#679 [PR #40] [MERGED] Don't use SCRIPTDIR
Closed
#680 [PR #41] [CLOSED] Update $WELLKNOWN default dir
Closed
#681 [PR #44] [MERGED] bugfix: keep configured PRIVATE_KEY
Closed
#672 [PR #30] [CLOSED] add CONTACT_EMAIL option on registration
Closed
#673 [PR #33] [MERGED] Move cleaning challenge in order to clean when challenge is valid and when challenge is invalid.
Closed
#674 [PR #29] [CLOSED] A single HOOK to handle challenge, cleaning of challenge files and uploading of certs.
Closed
#675 [PR #35] [CLOSED] help text and initial code for command parameter -- second try
Closed
#676 [PR #36] [CLOSED] Hook for deploying certs via ssh
Closed
#667 [PR #24] [CLOSED] add HOOK_POST_CREATION
Closed
#668 [PR #23] [CLOSED] help text and initial code for command parameter
Closed
#669 [PR #25] [CLOSED] add HOOK_POST_CREATION
Closed
#670 [PR #28] [CLOSED] add HOOK_POST_CREATION
Closed
#671 [PR #27] [CLOSED] Post Challenge & New Cert Hooks
Closed
#666 [PR #22] [CLOSED] Hook post creation
Closed
#662 [PR #16] [CLOSED] Store keys and certs in $BASEDIR
Closed
#663 [PR #15] [CLOSED] Cleaner outputs
Closed
#664 [PR #17] [CLOSED] Openssl.cnf parameter
Closed
#665 [PR #21] [CLOSED] implement revoke
Closed
#657 [PR #10] [CLOSED] don't overwrite certificate files
Closed
#658 [PR #11] [MERGED] fixed logic to check status from our challenge
Closed
#659 [PR #12] [MERGED] generate a new private key for each csr if the user wishes so
Closed
#660 [PR #13] [MERGED] show expire date when we don't need to renew a certifcate
Closed
#661 [PR #14] [CLOSED] Add sed as a parameter variable in order to be able to specify the sed version that must be used.
Closed
#654 [PR #8] [CLOSED] make openssl keysize configurable
Closed
#655 [PR #7] [MERGED] add challenge hook and minor fixes/improvements
Closed
#656 [PR #9] [CLOSED] Check expire date of existing certs
Closed
#652 [PR #1] [MERGED] fix registration, certificate creation and minor fixes
Closed
#653 [PR #6] [CLOSED] style: shellcheck
Closed
#651 Bug in expiry time calculation
Closed
#646 openssl checkend always with exit 0
Closed
#640 dehydrated-0.7.2.tar.gz.asc is not a detached signature
Closed
#637 Set default RENEW_DAYS=32
Closed
#638 is this project dead or sleeping now?
Closed
#639 Registration to CA requires a DNS hook if config has CHALLENGETYPE="dns-01" set
Closed
#634 --signcsr works on RHEL 8 but not on RHEL 9
Closed
#635 Privkey size is very small
Closed
#636 Support Certificate Profiles
Closed
#631 openssl 3.2+ support (Warning: Will read cert request from stdin since no -in option is given)
Closed
#632 Issue: Timeout during certificate renewal process
Closed
#629 Letsencrypt changes broke dehydrated
Closed
#630 LetsEncrypt removing OCSP-Support 30. Jan 2025
Closed
#625 A longer delay may be needed after deploying a DNS-01 challenge
Closed
#626 Parameter --ca priority?
Closed
#623 Help! Error: Received certificate which is not self-signed.
Closed
#624 Please do a release
Closed
#619 DNS challenges seem to be doubled - is this expected behavior?
Closed
#616 Do I need to define all hook functions?
Closed
#614 Dehydrated gets confused by openssl req -verify output.
Closed
#611 need help configuring things that the docs don't mention
Closed
#607 Will dehydrated be broken after Sep 30th, 2024?
Closed
#608 The problem of getting a certificate from staging mode
Closed
#605 Incorrect validation certificate for tls-alpn-01 challenge
Closed
#606 Failing with error "/usr/bin/env: ‘bash\\r’: No such file or directory"
Closed
#598 empty
Closed
#600 Argument to get certalias in hook script
Closed
#596 Failed to renew - Problem connecting to server [FreeBSD, curl, SSL cert problem]
Closed
#595 /bin/config: line 6: use: command not found
Closed
#597 hook.sh: line 217: $1: unbound variable
Closed
#592 how to start using this when you already have an account?
Closed
#590 dehydrated -c silently fails to renew certificates using zsh
Closed
#591 How to upgrade the key alogorithm
Closed
#588 Hijacked links on Wiki
Closed
#586 Validate challenges after deploy_challenge
Closed
#587 dehydrated seems donot use really X1 ?
Closed
#583 Lets Encrypt returning 400 Bad Request for certificate signing requests?
Closed
#585 egrep: warning: egrep is obsolescent; using grep -E
Closed
#580 dynamic subzone for DNS 2136 update
Closed
#582 Alias via domains.txt broken?
Closed
#577 Error creating new order
Closed
#578 no renewal with pebble
Closed
#579 Future of dehydrated (dead?)
Closed
#574 Compare with ACME.sh
Closed
#575 Question - DNS Challenge: Provider has no DNS API
Closed
#571 Some minor suggestions to improve [man page](docs/man/dehydrated.1)
Closed
#572 Trigger release
Closed
#573 Internationalized Domain Name
Closed
#569 Support IP SAN entries
Closed
#570 Please check your hook script, it should exit cleanly without doing anything on unknown/new hooks
Closed
#566 List of Variables That are Passed to hook.sh?
Closed
#562 Signing a CSR for a second time gets stuck at the step - "Responding to challenge for fqdn.domain authorization"
Closed
#559 We are migrating our servers and I was wondering how to maintain the same let's encrypt account (id, keys).
Closed
#560 Log4J
Closed
#558 RFC8555#7.3.4
Closed
#557 invalid cert chain with old "DST ROOT" cert -> change default behavior
Closed
#553 Unable to sign a CSR that contains multiple alt_names
Closed
#554 [critical] new call syntax regression breaks hook.sh deploy_challenge and probably clean_challenge
Closed
#555 SANs broken since 31st
Closed
#550 closed
Closed
#551 error when PREFERRED_CHAIN is specified but server does not provides altchains
Closed
#552 Support for new root chain by letsencrypt
Closed
#547 support alternate chains offered by the ACME
Closed
#549 register fails when egrep doesn't support -a
Closed
#544 Support sequential validations instead parallel validations
Closed
#542 'org.pl' fails with ovh hook.
Closed
#543 deploy and validate one-by-one
Closed
#540 Cron renew forgets certificates if one fails
Closed
#538 EC keys: omit the "EC PARAMETERS" section (use ecparam -noout flag)
Closed
#535 Request : Dehydrated support for using ECDSA in account creation
Closed
#536 Challenge Validation Has failed- urn:ietf:params:acme:error:dns
Closed
#537 403 Error on letsencrypt tls-alpn-01
Closed
#532 ERROR: Certificate signing request contains non-DNS Subject Alternative Names
Closed
#533 ERROR: Certificate signing request contains non-DNS Subject Alternative Names
Closed
#534 Sharing with the ssl-cert group
Closed
#529 Does dehydrated support listing of ISSUED certificates?
Closed
#530 Challenge validation has failed
Closed
#531 Switching CAs
Closed
#526 After upgrade to v2, I cannot sign certs anymore.
Closed
#527 DEHYDRATED_USER + --signcsr sends certificate output to stderr
Closed
#528 Undocumented how to deal w/ v1 deprecation
Closed
#524 Stale lock file prevents dehydrated from running
Closed
#525 Preferred chain: LetsEncrypt Subscriber Certificate < – R3 < – ISRG Root X1
Closed
#523 Silly question: How does one install dehydrated?
Closed
#521 Getting ERROR: Challenge is invalid (returned: invalid) : Redirect loop detected
Closed
#522 Bug reading nonce data from headers
Closed
#517 Certificates issued with v 0.7.0 not working when applied to Kemp Loadmaster service
Closed
#518 Feature request: Wait Time
Closed
#519 Symlinks are not updating
Closed
#514 Can't get new cert
Closed
#515 Challenge validation has failed when running with cron
Closed
#511 New release 0.7.0 ?
Closed
#512 certificate-specific config does not work with values containing space
Closed
#508 exit_hook isn't called after request_failure
Closed
#509 bogous ocsp response not updated
Closed
#505 It is not possible to specify multiple domain names with this --domain parameter.
Closed
#506 OCSP fetch breaks down with libressl 2.9.1
Closed
#507 Option to continue fetching certificate if some alternative names don't work
Closed
#502 Question: Does dehydrated support new API ? (Transition to ISRG’s Root delayed until Jan 11 2021)
Closed
#503 Add support for "preferred-chain" Issuer CA
Closed
#504 Nothing past merge of json.sh works on Entware / QNAP
Closed
#499 Upcoming intermediate transition
Closed
#500 Unknown hook sync-cert
Closed
#501 Question on config file
Closed
#498 Request for retry loop for resiliency against curl error 35
Closed
#497 cURL error 3
Closed
#493 can't update/renew
Closed
#494 Way to accomodate multiple CAs
Closed
#495 EXPECTED value GOT EOF
Closed
#490 Incompatibility with freebsd sed?
Closed
#488 tls-alpn-01 key and certificate permissions too strict
Closed
#489 zsh: sign_csr:207: read-only variable: status
Closed
#491 failed to parse Keyfile
Closed
#492 Request: Insert affected domain in error message for unsuccessful API call
Closed
#484 Allow multiple domains.txt in a domains.txt.d directory
Closed
#485 moving a domain between servers
Closed
#486 Enable --keep-going by default for cronjob-operations.
Closed
#481 add hook for propagate_challenge
Closed
#482 SAN error generating cert for CNAME domain
Closed
#483 Allow for configure writing to different dir than BASEDIR (read-only FS)
Closed
#480 dehydrated does not work with DigiCert ACMEv2 API - ACCOUNT_URL problem
Closed
#478 External Account Binding support.
Closed
#479 dehydrated does not work with DigiCert ACMEv2 API - token value confusion between challenge types
Closed
#476 Dehydrated does not gracefully handle non-zero return codes from hook functions
Closed
#477 Is it possible to use CONTACT_EMAIL only for certain vhosts on a server?
Closed
#475 missing whitespace
Closed
#472 Issue with two domains (master.tld *.master.tld) on same TXT record
Closed
#473 Account base64 representation is calculated with "\n"
Closed
#474 Dehydrated does not work with step-ca and http-01 challenge
Closed
#471 Example ngnix configuration on the main page is wrong!
Closed
#469 Renew certificate problem OpenSSL
Closed
#470 Example for no-ip
Closed
#467 curl check regression
Closed
#468 Is it possible to register with LetsEncrypt with an email address?
Closed
#466 sometimes certificated renew fails: Challenge is invalid!
Closed
#463 check_dependencies doesn't check exec status nor for awk/sed
Closed
#464 Validating this certificate is not possible using dns-01. Possible validation methods are: http-01
Closed
#465 incorrect indentation of output
Closed
#460 Beginning June 1, 2020, we will stop allowing new domains to validate using the ACMEv1 protocol
Closed
#461 hook.sh and waiting for DNS records to propagate
Closed
#462 multi-domains: behavior on failure to continue for each other entries
Closed
#457 Error: Challenge is invalid
Closed
#458 Symlinks not being updated, even thought new certificates are created
Closed
#459 error when using letsencrypt_acme_dns-01_challenge_hook.sh
Closed
#454 dns-01 not working
Closed
#456 how do i make sure i use acme-v2?
Closed
#455 Feature-Request: Error Message if Hook-Script is broken
Closed
#451 Challenge validation over https link
Closed
#452 01070277:3: The requested key (domain.com_2019-12-27.key) was not found.
Closed
#453 new-acct curl returned with 52
Closed
#449 Support setting CA in per-certificate config (DOMAINS_D or certs/…)
Closed
#450 operating system name is wrong in command_version()
Closed
#448 WELLKNOWN directory doesn't exist, please create /etc/www/dehydrated and set appropriate permissions.
Closed
#445 hook.sh reload services only once after at least one domain change
Closed
#446 How to change from ACME v1 to ACME v2?
Closed
#447 Cant load .rnd into RNG
Closed
#442 Wrong wiki link
Closed
#443 Dehydrated won't work with step-ca acme server / kid does not have required prefix
Closed
#444 "404 Expired authorization" when run in Cron
Closed
#439 exit_hook is called at invalid_challenge and not at the end of the cron command
Closed
#440 JWS has no anti-replay nonce
Closed
#441 document $alias in hook script
Closed
#437 Option to specify own Root CA
Closed
#438 remove tmp files after it have been used
Closed
#436 cURL error 35, recent random failures to connect to LE
Closed
#435 Please add option --reuse-key
Closed
#433 Suggestion : add support for DOMAINS_TXT on the command-line
Closed
#434 Malformed account ID in KeyID header
Closed
#431 dns-01: base-domain and wildcard: all challenge deploys are done before validation
Closed
#432 Order finalization should check that the order is "valid" before trying to download the certificate
Closed
#430 dehydrated shouldn't send keyAuthorization in ACMEv2 challenge response
Closed
#427 Help with deploy_challenge hook
Closed
#428 challenges fail when using 301 redirects
Closed
#429 dehydrated is not using the canonical Account URL
Closed
#425 setting DEHYDRATED_USER does not check uid first
Closed
#426 Strato Support?
Closed
#421 Challenge validation failed
Closed
#423 EC PARAMETERS in privkey.pem break postfix smtpd_tls_chain_file
Closed
#422 "keep going" suppresses the error status
Closed
#419 unbound variable
Closed
#418 Using domain alias
Closed
#415 buypass.com support?
Closed
#416 Consider making ECDSA (P-256) the default certificate type
Closed
#417 RFC 8555 incompatible account ID handling
Closed
#412 missing id
Closed
#413 Operation to simply retrieve and output the Terms of Service URL
Closed
#414 dns-01 challenge fails with staging API v2: "Malformed account ID in KeyID header URL"
Closed
#409 should tls-acme-01 create a certificate per alias?
Closed
#410 A simple question on dns txt variable
Closed
#411 wildcard *.domain.name not send to hook
Closed
#406 dehydrated for python?
Closed
#407 Suddenly "ERROR: Challenge is invalid!"
Closed
#408 Add an option to keep using the old IdenTrust cross-signed intermediate certificate until 2021
Closed
#403 account 'id'
Closed
#404 Why was version 1 API removed
Closed
#405 Strange response from Challenge Validation (403)
Closed
#400 $SCRIPTDIR/config
Closed
#401 Upgrading from acme-v1 to acme-v2 causes problems
Closed
#402 exit_hook not called if invalid_challenge hook has been called before
Closed
#397 tls-alpn-01 - urn:ietf:params:acme:error:unauthorized Status 403
Closed
#398 Implement POST-as-GET
Closed
#399 Failure reported by nsupdate. Bailing out!
Closed
#396 dehydrated renewal
Closed
#394 Script unexpectedly ends without error
Closed
#395 TLS-ALPN-01 support uses obsolete id-pe-acmeIdentifier OID
Closed
#391 Does dehydrated support TLSA record generation?
Closed
#392 Challenge validation has failed (apache reverse proxy)
Closed
#393 gift: script ro reload Apache2 by systemd timer script (no issue!)
Closed
#388 "No such file or directory" when generating certificates
Closed
#389 Invalid Character in DNS name when creating new auth
Closed
#390 Running as another user, perhaps ssl-cert
Closed
#386 Anyone got a manifold or systemd file that you use in production for making dehydrated resign at given intervals?
Closed
#387 Please support http proxies for OCSP
Closed
#385 Verify config issue
Closed
#384 Call deploy_cert() in hooks-file with alias
Closed
#382 Command '--cron' meaning
Closed
#383 DNS-01 failed with multiple -d calls
Closed
#379 Please pass domains to startup_hook
Closed
#380 No hook for NSD
Closed
#381 Cannot use --signcsr : "Invalid character in DNS name"
Closed
#378 Does not limit retries to letsencrypt APIs
Closed
#377 DNS problem: NXDOMAIN looking up TXT for _acme-challenge.
Closed
#373 I think I might have mucked up my config files
Closed
#374 request for wildcard-certificate and base certificate failed
Closed
#375 DuckDNS wildcard/sub-domains failure
Closed
#370 More than one hook script
Closed
#371 Can't validate challenge in --force update mode
Closed
#367 Feature: config options per domain
Closed
#368 Get an error trying to renew (list index out of range)
Closed
#369 Challenge validation failed with error 403
Closed
#364 Feature request: TXT propogation delay
Closed
#365 dehydrated will not replace staging CA certs with real certs, after staging CA removed from config
Closed
#366 Challenge validation has failed
Closed
#361 Support for tls-alpn verification
Closed
#363 Multiple domains.txt files?
Closed
#362 Resume reading domains.txt after failed validation
Closed
#358 Add hook callback before privkey loading, e.g. "preload_cert"
Closed
#359 DOMAINS_D not in example config
Closed
#360 HOOK_CHAIN="no" ineffective anymore?
Closed
#356 No module named builtins
Closed
#357 update wiki
Closed
#355 HTTP challenge is invalid
Closed
#352 How to use wildcard alt names with --domain flag?
Closed
#353 Hook bash for DNS-01 challenge for pratically every domain (with Cloudflare) > GOT!
Closed
#354 Script stops when run by cron
Closed
#350 ERROR: Parsing error in config file
Closed
#351 Add option to ignore extra domains in existing and valid certificates
Closed
#349 Does dehydrated fully support IDN's 'Internationalized Domain Names)?
Closed
#348 JWS has no anti-replay nonce
Closed
#347 Remove dependency on sudo?
Closed
#345 dehydrated v0.6.1 fails to renew certificate
Closed
#343 Incorrect .pem files with recent versions
Closed
#344 adding certalias to deploy_cert ?
Closed
#342 ERROR: Challenge is invalid! (returned: invalid)
Closed
#340 Hook_chain being ignored
Closed
#341 Discussion: Bad DNS provider APIs
Closed
#337 DNS-01 hook for Yandex.PDD DNS hosting in PHP
Closed
#338 force renew fails
Closed
#339 An error occurred while sending post-request to http://my.domain/.well-known/acme-challenge/...
Closed
#334 request_failure HEADERS parameter not documented
Closed
#335 dehydrated does not accept terms and services
Closed
#336 JWS has invalid anti-replay nonce
Closed
#333 Challenge is invalid! (returned: invalid)
Closed
#331 Add options to specify certificates owner/group and permissions
Closed
#332 Feature: privilege separation
Closed
#328 How to configure apache with existing vhost redirect/proxypass/AuthType rule?
Closed
#330 Clean challenge via hook bug?
Closed
#329 Problem with dns validation
Closed
#326 Keep getting `Must agree to subscriber agreement before any further actions`
Closed
#327 Add a qualifier for path to curl?
Closed
#325 Issue with CAA DNS
Closed
#323 support generating keys for more than one key algorithm
Closed
#324 generate Merged (key + fullchain) output
Closed
#322 dehydrated responds too quickly when using dns-01
Closed
#319 export path to config file for use by hook scripts
Closed
#321 ACMEv2(?): Intermediary (chain) placed in fullchain.pem twice.
Closed
#320 Port 80 is open but timeout (Error 400)
Closed
#316 ERROR: Validating this certificate is not possible using http-01. Possible validation methods are: dns-01
Closed
#318 DNS validation and subdomains
Closed
#317 [New Feature] - Enable putting dns challenge token creation inline with validation
Closed
#315 set: pipefail: invalid option name
Closed
#313 Localhost setup
Closed
#314 accounts directory created in certificate directory
Closed
#310 ERROR: Challenge is invalid! (returned: ) (result: <<string>>)
Closed
#311 Better JSON parsing
Closed
#312 OCSP stapling file is updated after hooks are called
Closed
#307 dehydrated with zsh, sign_csr:86: challenge_identifiers: assignment to invalid subscript range
Closed
#309 Dropping old ACMEv1 Support?
Closed
#308 Inconsistent naming of config files
Closed
#304 Wildcard & Base Domain: Two TXTs
Closed
#305 dehydrated with broken pipe in cat...
Closed
#306 wildcard only with dns01 ? how dns01 works ?
Closed
#303 automatically use dns-01 to generate ca
Closed
#302 Incorrect TXT record with wildcard and non-wildcard in the same cert
Closed
#301 domain specific config file
Closed
#298 CSR Subject from OPENSSL_CNF ignored
Closed
#299 Certificate file also contains chain for ACME v2
Closed
#296 Modify default CA URL to use the new ACME v2 endpoint
Closed
#295 Certificate chain: Use new-cert headers instead of fetching issuer url from the certificate
Closed
#297 Fix chain if certificate has already been acquired
Closed
#292 Request Cert on other port
Closed
#293 Walking chain fails - Problem connecting to server
Closed
#294 Api 1 request error to new-authz, once
Closed
#291 certificate for dehydrated.de expired
Closed
#289 this_hookscript_is_broken__dehydrated_is_working_fine__please_ignore_unknown_hooks_in_your_script
Closed
#290 Content-Type header in v2
Closed
#286 v1 staging: fails in walk chain because letsencrypt now redirect you
Closed
#287 Wildcard cert plus apex domain fails DNS-01 challenge
Closed
#288 Non-standard CSRs ignored
Closed
#283 ACME clients SHOULD send unique User-Agent header.
Closed
#284 When I change DNS name in new cert for the same client, dehydrated is doing new cert but not activating it
Closed
#285 Avoid the * wildcard in certificate directory names
Closed
#281 Include name of script when exiting on a fatal error
Closed
#282 Dehydrated silently quits on -c, issue with hook
Closed
#280 Commits today appears to cause Dehydrated to exit with non-zero exit code?
Closed
#277 Ussage examples??
Closed
#278 KeyError: 'generate_csr' when building from master.
Closed
#279 KeyError cloudflare
Closed
#276 dehydrated 0.5.0: dehydrated -c -g stops after first domain
Closed
#275 Which file for ssl_trusted_certificate in nginx conf with OCSP?
Closed
#274 New hook: Generate/Fetch external CSR
Closed
#271 dns-01 hook no longer working in 0.5.0
Closed
#272 dehydrated fails with "challenge is invalid"
Closed
#273 Give domains.txt file as cli param
Closed
#269 *chain*.pem contains blank line and url
Closed
#268 .gitignore add challenges/*
Closed
#270 Validate 1 certificate's domains in parallel
Closed
#266 Challenge invalid: Timeout, status 400 - but access_log shows status 200
Closed
#267 RFE: create a symlink for each SAN
Closed
#265 Too talkative
Closed
#263 request_failure and invalid_challenge not executed when HOOK_CHAIN=yes
Closed
#264 BOA dehydrated error renewing certificates
Closed
#262 Specify separate certificate files
Closed
#259 Does Dehydrated "remember" used hooks?
Closed
#260 Dehydrated doesn't work in pfSense 2.4 branch?
Closed
#261 PRIVATE_KEY_RENEW="no" ignored?
Closed
#256 Issue with failing to acquire root domain certs
Closed
#257 Please ignore hook/* instead of just hook.sh
Closed
#258 DNS problem: NXDOMAIN looking up TXT for MX record
Closed
#253 CSR generated through dehydrated script doesn't contains 'O', 'OU', 'C' parameters
Closed
#254 Config option to resign existing public key
Closed
#255 Crontab
Closed
#252 What am I doing wrong here?
Closed
#250 --account option is not available in version 0.4.0 in FreeBSD
Closed
#251 Example for GoDaddy API removes any TXT records you might already have
Closed
#247 version information on FreeBSD
Closed
#248 certificate renewal fails with urn:acme:error:malformed
Closed
#249 Integration with a free monitoring system via an API
Closed
#246 Error creating new authz :: Invalid character in DNS name
Closed
#245 Update registration email address
Closed
#244 ERROR: An error occurred while sending post-request to https://acme-v01.api.letsencrypt.org/acme/new-authz (Status 403)
Closed
#241 Save certificate to file with --signcsr
Closed
#242 dehydrated doesn't call le-godaddy-dns Python hook
Closed
#243 ACME v2 Support
Closed
#238 [FEATURE] separate challenge hook and deployment hook
Closed
#239 Responding to challanges when many SANs
Closed
#240 wait in case of NXDOMAIN with the DNS challenge
Closed
#235 OPENSSL variable not in config file
Closed
#236 CA_REVOKE_CERT Unbound
Closed
#237 startup_hook defined but not functioning
Closed
#233 Hook for restart Nginx after renewing
Closed
#234 dehydrated fails when pre-made csr has multiple domains
Closed
#232 Duplicate short parameter "-a"
Closed
#229 Wrong default setting
Closed
#230 Write certificate even if chain is not downloaded
Closed
#231 Challenge appears to be deleted before validation
Closed
#228 Crontab
Closed
#226 CI Environment
Closed
#227 Feature request: specify multiple hooks for multiple DNS providers at same time
Closed
#223 Can't make the -o option work
Closed
#225 openssl config usage missing on requesting certificate
Closed
#224 Allow multiple keys/certs for a domain
Closed
#221 Enhancement: Allow use of provided CSRs in normal renewal flow
Closed
#220 value of ${issuer_cert_uri} part of chain.pem
Closed
#222 Sanity check on domains.txt
Closed
#218 Clear/Reuse pending authorizations
Closed
#219 Support downloading OCSP responses
Closed
#217 --cleanup from hook
Closed
#214 Revoked certificates are not archived
Closed
#215 improve error management on a domain request
Closed
#216 dehydrated not working on IPv6-only hosts
Closed
#211 Adding email address to an account
Closed
#212 Patch for configuring openssl command
Closed
#213 Allow quiet/silent operation
Closed
#208 Different hooks for different operations
Closed
#209 Dehydrated does not keep track of deploy hook failures
Closed
#210 Not working in FreeBSD systems
Closed
#205 Checking certificate status after running dehydrated -c
Closed
#206 Add option to disable "already validated" feature
Closed
#207 Add startup_hook.
Closed
#204 Make symlink names configurable
Closed
#202 Certificate request/renew with F5 Load Balancer
Closed
#200 Feature Request: Add alternative names to hook script calls
Closed
#199 Support for storing challenge to a file
Closed
#201 token validation command parameter
Closed
#197 Allow otherNames Aliases
Closed
#196 Feature suggestion: couple per-domain configuration with domains.txt
Closed
#198 config file order
Closed
#193 Feature proposal: Intermediate certificates cache
Closed
#195 new hooks break old installation
Closed
#194 Recent commit broke certificate requests
Closed
#190 Better license handling
Closed
#191 Make the intermediate certificate available again
Closed
#192 Releases: Please provide signatures
Closed
#187 make a v0.3.2 release?
Closed
#188 account argument
Closed
#189 Encountered an issue while getting dehydrated to work, wrote up a tutorial
Closed
#184 Add --no-ocsp command line option
Closed
#185 ERROR: Error when trying to get nonce
Closed
#186 dehydrated forgets to add slash between hostname and ".well-known" in one domain name
Closed
#181 What can I do about Weak Diffie-Hellman and the Logjam Attack
Closed
#182 challenge tokens are created in wrong directory for freeBSD
Closed
#183 http-01, invalid, urn:acme:error:unauthorized, status 403
Closed
#178 cron output suggestion
Closed
#179 Feature Request: Revoke superseded certificate
Closed
#180 Feature request: specifying alternative domains.txt file
Closed
#177 Feature request - allow update of email address
Closed
#176 Define an allowed prefix for custom config settings
Closed
#175 support/usage for "--must-staple --redirect --hsts --uir" cert options?
Closed
#172 "Already validated" failure
Closed
#173 Pass CHALLENGETYPE to hook.sh for deploy_challenge, clean_challenge, and invalid_challenge
Closed
#174 line 515: deploy_args: unbound variable
Closed
#169 does dehydrated support domain verification by https(port 443)
Closed
#170 Add hook to be called at the end
Closed
#171 IDNs support
Closed
#166 cert specific config not loaded if wellknown does not exists
Closed
#167 Is it possible to obtain challenges without verification?
Closed
#168 Does the DNS update hook need to be run for subsequent verifications after the first verification in DNS mode?
Closed
#163 Nginx Proxy: invalid with dehydrated but curl returns the validation file
Closed
#164 Feature: Passing a list of all domains to the hook
Closed
#165 Anyone experience with gandi as DNS server? (The txt record is not updated fast enough)
Closed
#162 Challenge is invalid! possible missing "/" in url
Closed
#160 Forcing IPv6 does not work
Closed
#161 CRON example
Closed
#158 Add support for appending custom EC/DH parameters
Closed
#159 Need to delay/retry on 500 errors
Closed
#157 create certificate in --out(put) while using --signcsr
Closed
#154 Requesting certificates can hang if a challenge is not required to do so
Closed
#155 Create PEM-file combining certificate and key
Closed
#156 Handle slow connections better (curl timeout)
Closed
#151 Error while trying to get cert on Ubuntu 16.04 LTS
Closed
#153 Fails on busybox
Closed
#152 Feature Request: Delayed Certificate Symlinking
Closed
#150 Error Loading request extension section SAN
Closed
#149 "Key too large: 4104 > 4096" when registering account key with ACME server
Closed
#148 letsencrypt.sh/dehydrated: line 80: unexpected argument `(' to conditional binary operator
Closed
#146 RSA key 4096
Closed
#145 Incompliant JWK Thumbprints with leading zeroes
Closed
#147 Error when creating fullchain
Closed
#142 README does not explain the new name
Closed
#143 Add support for TLS-SNI-01 challenges
Closed
#144 Let people try the staging CA before pointing to the production CA
Closed
#139 Feature idea: hook directory
Closed
#140 Tag v0.2.1 and update CHANGELOG
Closed
#141 Responding to challenge fails with "Provided key authorization was incorrect"
Closed
#136 OCSP_MUST_STAPLE="yes" ignored in config file, --ocsp parameter works correctly
Closed
#137 hooks for starting web server only to get auth/cert
Closed
#138 What is the relationship between this repo and certbot?
Closed
#133 urn:acme:error:unauthorized on dns-01 (lexicon)
Closed
#134 new release
Closed
#135 OpenSolaris (Joyent) Compatibility
Closed
#130 Do not hard code subscriber agreement URL
Closed
#131 Agreement URL is out of date
Closed
#132 Feature Request: Registering account key with letsencrypt without requesting domain
Closed
#128 Update license agreement (due at August 1st)
Closed
#129 why does letsencrypt.sh not allow parallel calling?
Closed
#127 DNS challange seems not working correctly
Closed
#124 How?
Closed
#125 Feature: Account update
Closed
#126 rename all 3 cert.pem, chain.pem and fullchain.pem to .pem-revoked
Closed
#121 rename certificates with status 409 already revoked to .pem-revoked
Closed
#122 registration_info not generated
Closed
#123 archive .pem-revoked
Closed
#120 Certs permission
Closed
#118 Per-application self-registering hooks
Closed
#119 Add per-domain configuration files
Closed
#116 http-01-port support
Closed
#115 Checking domain name of existing cert may fail
Closed
#117 Clean old certificate files
Closed
#112 characters getting replaced
Closed
#113 FreeBSD sed doesn't parse challenges properly
Closed
#114 new challenge - proof of possession
Closed
#109 Feature: Deleting an Account
Closed
#110 json response issue
Closed
#106 DEF_LOAD_BIO:missing equal sign:conf_def.c:346
Closed
#107 letsencrypt.sh does not generate any cers
Closed
#108 a hook that is executed once per run
Closed
#105 While domain is not registered, letsencrypt.sh returns no error
Closed
#103 letsencrypt.sh stopped working
Closed
#104 Latest version broken?
Closed
#102 DNS-01 challenges for multi-domain cert
Closed
#101 mixed challenges for one certificate
Closed
#100 DNS-01 hook for Azure
Closed
#97 Lighttpd (and some other apps) requires both cert and privkey to be in the same .pem file
Closed
#98 Please bring back the option to reuse private keys
Closed
#99 pre-hook & post-hook
Closed
#96 passing domain&altnames to dns-01 hook script?
Closed
#94 Getting a traceback error
Closed
#95 WELLKNOWN documentation gives conflicting statements
Closed
#93 Any chance to support namecheap DNS server hooking
Closed
#91 dns auth attempt returns "ERROR: Challenge is invalid! (returned: invalid)" ?
Closed
#92 Feature Request: tell the status of the request, instead of just invalid
Closed
#89 Remove unwanted file: private_key.json
Closed
#90 Accept domain.tld param for --force option
Closed
#88 Allow to use comments in the domains.txt file
Closed
#85 change PRIVATE_KEY to ACCOUNT_KEY
Closed
#86 Can not revoke cert
Closed
#87 Set WELLKNOWN path per subdomain
Closed
#83 If a domain contains uppercase letters it will always renew the certificate
Closed
#84 mktemp on OpenBSD
Closed
#82 Unbound variable
Closed
#79 cron-renew of certs that are created via -d parameter
Closed
#80 CONTACT_EMAIL no change in certs
Closed
#81 more information on errors
Closed
#76 Use of grep -o doesn't work on SunOS
Closed
#77 Processing all deploy_challenge actions before any clean_challenge actions
Closed
#78 unauthorized error
Closed
#75 Created a dynect hook
Closed
#73 no error recover on license mismatch
Closed
#74 Add proxy server setting
Closed
#70 Email notifications
Closed
#71 Support ECDSA ?
Closed
#72 "keep-going" option for cron mode
Closed
#67 Add an option to automatically print the certificate plus the intermediate one
Closed
#68 continue
Closed
#69 No registration exists matching provided key
Closed
#65 cron stops after signing the first cert
Closed
#64 convert to POSIX.sh / styleguide
Closed
#66 ${DOMAIN} in config.sh
Closed
#61 Stateless challenge-response
Closed
#62 script for hooks can not be found
Closed
#63 Add a configurable wait time between deploying and checking challenges
Closed
#58 clean up old certificates and keys
Closed
#59 different exit value when a certificate is renewed
Closed
#60 help: Hooks
Closed
#56 keys: create per domain, create entropy
Closed
#57 Requesting Challenge fails for CSR mit multiple "subjectAltName"s
Closed
#55 Support HPKP
Closed
#54 README: Document where files are written and read from
Closed
#52 Basic dns-01 hook script
Closed
#53 When HOOK_CHAIN is set, letsencrypt.sh still tries to clean a single challenge in case of an error
Closed
#49 add altname extension only when needed
Closed
#50 ECDSA error
Closed
#51 letsencrypt.sh always generates a new key
Closed
#48 Add example for using DNS-01 challenge
Closed
#46 LibreSSL support
Closed
#43 work in alternative shells
Closed
#44 curl test broken
Closed
#41 Fix storage directory
Closed
#42 dns validation status retrieval discards all detail but 'invalid'
Closed
#40 per-certificate config files
Closed
#37 Please add capability to allow hook to read from stdin instead of /dev/tty
Closed
#38 Pass ${timestamp} to hook script for extended certificate manipulation.
Closed
#39 Please make releases
Closed
#34 $WELLKNOWN / challenge-response for nginx
Closed
#35 revoke certs
Closed
#36 Handling of CA account private keys
Closed
#33 Challenge is invalid
Closed
#31 bad handling sign error
Closed
#32 letsencrypt.sh on CentOS 5 doesn't see curl
Closed
#28 Deploy challenges once per domain, not once per altname
Closed
#29 mktemp on older OS's needs -t tmp
Closed
#30 Is there any installation instructions?
Closed
#26 return code is 0 on failure
Closed
#27 Dependency on HOME which may not be set
Closed
#25 Default to staging to avoid rate limiting
Closed
#23 delimiter between domain and additional names in domain.txt is 'space only'
Closed
#24 License?
Closed
#22 Unlisted dependency: column (from the bsdmainutils package)
Closed
#20 unnecessary dependency to fdescfs
Closed
#21 Support .example.tld shorthand syntax
Closed
#19 Return code always 1
Closed
#18 cron output
Closed
#16 permissions of ${WELLKNOWN}
Closed
#17 RFE: domains.txt.d
Closed
#14 lets-encrypt-x1-cross-signed.pem
Closed
#15 shasum: command not found
Closed
#13 hostname regex seems to be wrong
Closed
#10 pfsense
Closed
#11 RFC: domains.txt format
Closed
#12 import-certs.sh does not use the same config.sh paths that letsencrypt.sh does.
Closed
#7 Wrong order in the Fullchain (For Nginx)
Closed
#8 Add lockfile
Closed
#9 New Key in place even if renewal failed
Closed
#4 Resign certificates if (sub)domains changed
Closed
#5 Have questions..
Closed
#6 Certificate revocation
Closed
#3 bash syntax
Closed
#1 Certificate invalid?
Closed
#2 Error when requesting ceritficate...
985 Issues created by 1 user
Opened
#1 Certificate invalid?
Opened
#2 Error when requesting ceritficate...
Opened
#3 bash syntax
Opened
#4 Resign certificates if (sub)domains changed
Opened
#5 Have questions..
Opened
#6 Certificate revocation
Opened
#7 Wrong order in the Fullchain (For Nginx)
Opened
#8 Add lockfile
Opened
#9 New Key in place even if renewal failed
Opened
#10 pfsense
Opened
#11 RFC: domains.txt format
Opened
#12 import-certs.sh does not use the same config.sh paths that letsencrypt.sh does.
Opened
#13 hostname regex seems to be wrong
Opened
#14 lets-encrypt-x1-cross-signed.pem
Opened
#15 shasum: command not found
Opened
#16 permissions of ${WELLKNOWN}
Opened
#17 RFE: domains.txt.d
Opened
#18 cron output
Opened
#19 Return code always 1
Opened
#20 unnecessary dependency to fdescfs
Opened
#21 Support .example.tld shorthand syntax
Opened
#22 Unlisted dependency: column (from the bsdmainutils package)
Opened
#23 delimiter between domain and additional names in domain.txt is 'space only'
Opened
#24 License?
Opened
#25 Default to staging to avoid rate limiting
Opened
#26 return code is 0 on failure
Opened
#27 Dependency on HOME which may not be set
Opened
#28 Deploy challenges once per domain, not once per altname
Opened
#29 mktemp on older OS's needs -t tmp
Opened
#30 Is there any installation instructions?
Opened
#31 bad handling sign error
Opened
#32 letsencrypt.sh on CentOS 5 doesn't see curl
Opened
#33 Challenge is invalid
Opened
#34 $WELLKNOWN / challenge-response for nginx
Opened
#35 revoke certs
Opened
#36 Handling of CA account private keys
Opened
#37 Please add capability to allow hook to read from stdin instead of /dev/tty
Opened
#38 Pass ${timestamp} to hook script for extended certificate manipulation.
Opened
#39 Please make releases
Opened
#40 per-certificate config files
Opened
#41 Fix storage directory
Opened
#42 dns validation status retrieval discards all detail but 'invalid'
Opened
#43 work in alternative shells
Opened
#44 curl test broken
Opened
#45 Add option to do a quick renewal check
Opened
#46 LibreSSL support
Opened
#47 Add support for recovery key
Opened
#48 Add example for using DNS-01 challenge
Opened
#49 add altname extension only when needed
Opened
#50 ECDSA error
Opened
#51 letsencrypt.sh always generates a new key
Opened
#52 Basic dns-01 hook script
Opened
#53 When HOOK_CHAIN is set, letsencrypt.sh still tries to clean a single challenge in case of an error
Opened
#54 README: Document where files are written and read from
Opened
#55 Support HPKP
Opened
#56 keys: create per domain, create entropy
Opened
#57 Requesting Challenge fails for CSR mit multiple "subjectAltName"s
Opened
#58 clean up old certificates and keys
Opened
#59 different exit value when a certificate is renewed
Opened
#60 help: Hooks
Opened
#61 Stateless challenge-response
Opened
#62 script for hooks can not be found
Opened
#63 Add a configurable wait time between deploying and checking challenges
Opened
#64 convert to POSIX.sh / styleguide
Opened
#65 cron stops after signing the first cert
Opened
#66 ${DOMAIN} in config.sh
Opened
#67 Add an option to automatically print the certificate plus the intermediate one
Opened
#68 continue
Opened
#69 No registration exists matching provided key
Opened
#70 Email notifications
Opened
#71 Support ECDSA ?
Opened
#72 "keep-going" option for cron mode
Opened
#73 no error recover on license mismatch
Opened
#74 Add proxy server setting
Opened
#75 Created a dynect hook
Opened
#76 Use of grep -o doesn't work on SunOS
Opened
#77 Processing all deploy_challenge actions before any clean_challenge actions
Opened
#78 unauthorized error
Opened
#79 cron-renew of certs that are created via -d parameter
Opened
#80 CONTACT_EMAIL no change in certs
Opened
#81 more information on errors
Opened
#82 Unbound variable
Opened
#83 If a domain contains uppercase letters it will always renew the certificate
Opened
#84 mktemp on OpenBSD
Opened
#85 change PRIVATE_KEY to ACCOUNT_KEY
Opened
#86 Can not revoke cert
Opened
#87 Set WELLKNOWN path per subdomain
Opened
#88 Allow to use comments in the domains.txt file
Opened
#89 Remove unwanted file: private_key.json
Opened
#90 Accept domain.tld param for --force option
Opened
#91 dns auth attempt returns "ERROR: Challenge is invalid! (returned: invalid)" ?
Opened
#92 Feature Request: tell the status of the request, instead of just invalid
Opened
#93 Any chance to support namecheap DNS server hooking
Opened
#94 Getting a traceback error
Opened
#95 WELLKNOWN documentation gives conflicting statements
Opened
#96 passing domain&altnames to dns-01 hook script?
Opened
#97 Lighttpd (and some other apps) requires both cert and privkey to be in the same .pem file
Opened
#98 Please bring back the option to reuse private keys
Opened
#99 pre-hook & post-hook
Opened
#100 DNS-01 hook for Azure
Opened
#101 mixed challenges for one certificate
Opened
#102 DNS-01 challenges for multi-domain cert
Opened
#103 letsencrypt.sh stopped working
Opened
#104 Latest version broken?
Opened
#105 While domain is not registered, letsencrypt.sh returns no error
Opened
#106 DEF_LOAD_BIO:missing equal sign:conf_def.c:346
Opened
#107 letsencrypt.sh does not generate any cers
Opened
#108 a hook that is executed once per run
Opened
#109 Feature: Deleting an Account
Opened
#110 json response issue
Opened
#111 Feature: Account Key Roll-over
Opened
#112 characters getting replaced
Opened
#113 FreeBSD sed doesn't parse challenges properly
Opened
#114 new challenge - proof of possession
Opened
#115 Checking domain name of existing cert may fail
Opened
#116 http-01-port support
Opened
#117 Clean old certificate files
Opened
#118 Per-application self-registering hooks
Opened
#119 Add per-domain configuration files
Opened
#120 Certs permission
Opened
#121 rename certificates with status 409 already revoked to .pem-revoked
Opened
#122 registration_info not generated
Opened
#123 archive .pem-revoked
Opened
#124 How?
Opened
#125 Feature: Account update
Opened
#126 rename all 3 cert.pem, chain.pem and fullchain.pem to .pem-revoked
Opened
#127 DNS challange seems not working correctly
Opened
#128 Update license agreement (due at August 1st)
Opened
#129 why does letsencrypt.sh not allow parallel calling?
Opened
#130 Do not hard code subscriber agreement URL
Opened
#131 Agreement URL is out of date
Opened
#132 Feature Request: Registering account key with letsencrypt without requesting domain
Opened
#133 urn:acme:error:unauthorized on dns-01 (lexicon)
Opened
#134 new release
Opened
#135 OpenSolaris (Joyent) Compatibility
Opened
#136 OCSP_MUST_STAPLE="yes" ignored in config file, --ocsp parameter works correctly
Opened
#137 hooks for starting web server only to get auth/cert
Opened
#138 What is the relationship between this repo and certbot?
Opened
#139 Feature idea: hook directory
Opened
#140 Tag v0.2.1 and update CHANGELOG
Opened
#141 Responding to challenge fails with "Provided key authorization was incorrect"
Opened
#142 README does not explain the new name
Opened
#143 Add support for TLS-SNI-01 challenges
Opened
#144 Let people try the staging CA before pointing to the production CA
Opened
#145 Incompliant JWK Thumbprints with leading zeroes
Opened
#146 RSA key 4096
Opened
#147 Error when creating fullchain
Opened
#148 letsencrypt.sh/dehydrated: line 80: unexpected argument `(' to conditional binary operator
Opened
#149 "Key too large: 4104 > 4096" when registering account key with ACME server
Opened
#150 Error Loading request extension section SAN
Opened
#151 Error while trying to get cert on Ubuntu 16.04 LTS
Opened
#152 Feature Request: Delayed Certificate Symlinking
Opened
#153 Fails on busybox
Opened
#154 Requesting certificates can hang if a challenge is not required to do so
Opened
#155 Create PEM-file combining certificate and key
Opened
#156 Handle slow connections better (curl timeout)
Opened
#157 create certificate in --out(put) while using --signcsr
Opened
#158 Add support for appending custom EC/DH parameters
Opened
#159 Need to delay/retry on 500 errors
Opened
#160 Forcing IPv6 does not work
Opened
#161 CRON example
Opened
#162 Challenge is invalid! possible missing "/" in url
Opened
#163 Nginx Proxy: invalid with dehydrated but curl returns the validation file
Opened
#164 Feature: Passing a list of all domains to the hook
Opened
#165 Anyone experience with gandi as DNS server? (The txt record is not updated fast enough)
Opened
#166 cert specific config not loaded if wellknown does not exists
Opened
#167 Is it possible to obtain challenges without verification?
Opened
#168 Does the DNS update hook need to be run for subsequent verifications after the first verification in DNS mode?
Opened
#169 does dehydrated support domain verification by https(port 443)
Opened
#170 Add hook to be called at the end
Opened
#171 IDNs support
Opened
#172 "Already validated" failure
Opened
#173 Pass CHALLENGETYPE to hook.sh for deploy_challenge, clean_challenge, and invalid_challenge
Opened
#174 line 515: deploy_args: unbound variable
Opened
#175 support/usage for "--must-staple --redirect --hsts --uir" cert options?
Opened
#176 Define an allowed prefix for custom config settings
Opened
#177 Feature request - allow update of email address
Opened
#178 cron output suggestion
Opened
#179 Feature Request: Revoke superseded certificate
Opened
#180 Feature request: specifying alternative domains.txt file
Opened
#181 What can I do about Weak Diffie-Hellman and the Logjam Attack
Opened
#182 challenge tokens are created in wrong directory for freeBSD
Opened
#183 http-01, invalid, urn:acme:error:unauthorized, status 403
Opened
#184 Add --no-ocsp command line option
Opened
#185 ERROR: Error when trying to get nonce
Opened
#186 dehydrated forgets to add slash between hostname and ".well-known" in one domain name
Opened
#187 make a v0.3.2 release?
Opened
#188 account argument
Opened
#189 Encountered an issue while getting dehydrated to work, wrote up a tutorial
Opened
#190 Better license handling
Opened
#191 Make the intermediate certificate available again
Opened
#192 Releases: Please provide signatures
Opened
#193 Feature proposal: Intermediate certificates cache
Opened
#194 Recent commit broke certificate requests
Opened
#195 new hooks break old installation
Opened
#196 Feature suggestion: couple per-domain configuration with domains.txt
Opened
#197 Allow otherNames Aliases
Opened
#198 config file order
Opened
#199 Support for storing challenge to a file
Opened
#200 Feature Request: Add alternative names to hook script calls
Opened
#201 token validation command parameter
Opened
#202 Certificate request/renew with F5 Load Balancer
Opened
#203 Don't connect to acme servers if there is nothing to be done
Opened
#204 Make symlink names configurable
Opened
#205 Checking certificate status after running dehydrated -c
Opened
#206 Add option to disable "already validated" feature
Opened
#207 Add startup_hook.
Opened
#208 Different hooks for different operations
Opened
#209 Dehydrated does not keep track of deploy hook failures
Opened
#210 Not working in FreeBSD systems
Opened
#211 Adding email address to an account
Opened
#212 Patch for configuring openssl command
Opened
#213 Allow quiet/silent operation
Opened
#214 Revoked certificates are not archived
Opened
#215 improve error management on a domain request
Opened
#216 dehydrated not working on IPv6-only hosts
Opened
#217 --cleanup from hook
Opened
#218 Clear/Reuse pending authorizations
Opened
#219 Support downloading OCSP responses
Opened
#220 value of ${issuer_cert_uri} part of chain.pem
Opened
#221 Enhancement: Allow use of provided CSRs in normal renewal flow
Opened
#222 Sanity check on domains.txt
Opened
#223 Can't make the -o option work
Opened
#224 Allow multiple keys/certs for a domain
Opened
#225 openssl config usage missing on requesting certificate
Opened
#226 CI Environment
Opened
#227 Feature request: specify multiple hooks for multiple DNS providers at same time
Opened
#228 Crontab
Opened
#229 Wrong default setting
Opened
#230 Write certificate even if chain is not downloaded
Opened
#231 Challenge appears to be deleted before validation
Opened
#232 Duplicate short parameter "-a"
Opened
#233 Hook for restart Nginx after renewing
Opened
#234 dehydrated fails when pre-made csr has multiple domains
Opened
#235 OPENSSL variable not in config file
Opened
#236 CA_REVOKE_CERT Unbound
Opened
#237 startup_hook defined but not functioning
Opened
#238 [FEATURE] separate challenge hook and deployment hook
Opened
#239 Responding to challanges when many SANs
Opened
#240 wait in case of NXDOMAIN with the DNS challenge
Opened
#241 Save certificate to file with --signcsr
Opened
#242 dehydrated doesn't call le-godaddy-dns Python hook
Opened
#243 ACME v2 Support
Opened
#244 ERROR: An error occurred while sending post-request to https://acme-v01.api.letsencrypt.org/acme/new-authz (Status 403)
Opened
#245 Update registration email address
Opened
#246 Error creating new authz :: Invalid character in DNS name
Opened
#247 version information on FreeBSD
Opened
#248 certificate renewal fails with urn:acme:error:malformed
Opened
#249 Integration with a free monitoring system via an API
Opened
#250 --account option is not available in version 0.4.0 in FreeBSD
Opened
#251 Example for GoDaddy API removes any TXT records you might already have
Opened
#252 What am I doing wrong here?
Opened
#253 CSR generated through dehydrated script doesn't contains 'O', 'OU', 'C' parameters
Opened
#254 Config option to resign existing public key
Opened
#255 Crontab
Opened
#256 Issue with failing to acquire root domain certs
Opened
#257 Please ignore hook/* instead of just hook.sh
Opened
#258 DNS problem: NXDOMAIN looking up TXT for MX record
Opened
#259 Does Dehydrated "remember" used hooks?
Opened
#260 Dehydrated doesn't work in pfSense 2.4 branch?
Opened
#261 PRIVATE_KEY_RENEW="no" ignored?
Opened
#262 Specify separate certificate files
Opened
#263 request_failure and invalid_challenge not executed when HOOK_CHAIN=yes
Opened
#264 BOA dehydrated error renewing certificates
Opened
#265 Too talkative
Opened
#266 Challenge invalid: Timeout, status 400 - but access_log shows status 200
Opened
#267 RFE: create a symlink for each SAN
Opened
#268 .gitignore add challenges/*
Opened
#269 *chain*.pem contains blank line and url
Opened
#270 Validate 1 certificate's domains in parallel
Opened
#271 dns-01 hook no longer working in 0.5.0
Opened
#272 dehydrated fails with "challenge is invalid"
Opened
#273 Give domains.txt file as cli param
Opened
#274 New hook: Generate/Fetch external CSR
Opened
#275 Which file for ssl_trusted_certificate in nginx conf with OCSP?
Opened
#276 dehydrated 0.5.0: dehydrated -c -g stops after first domain
Opened
#277 Ussage examples??
Opened
#278 KeyError: 'generate_csr' when building from master.
Opened
#279 KeyError cloudflare
Opened
#280 Commits today appears to cause Dehydrated to exit with non-zero exit code?
Opened
#281 Include name of script when exiting on a fatal error
Opened
#282 Dehydrated silently quits on -c, issue with hook
Opened
#283 ACME clients SHOULD send unique User-Agent header.
Opened
#284 When I change DNS name in new cert for the same client, dehydrated is doing new cert but not activating it
Opened
#285 Avoid the * wildcard in certificate directory names
Opened
#286 v1 staging: fails in walk chain because letsencrypt now redirect you
Opened
#287 Wildcard cert plus apex domain fails DNS-01 challenge
Opened
#288 Non-standard CSRs ignored
Opened
#289 this_hookscript_is_broken__dehydrated_is_working_fine__please_ignore_unknown_hooks_in_your_script
Opened
#290 Content-Type header in v2
Opened
#291 certificate for dehydrated.de expired
Opened
#292 Request Cert on other port
Opened
#293 Walking chain fails - Problem connecting to server
Opened
#294 Api 1 request error to new-authz, once
Opened
#295 Certificate chain: Use new-cert headers instead of fetching issuer url from the certificate
Opened
#296 Modify default CA URL to use the new ACME v2 endpoint
Opened
#297 Fix chain if certificate has already been acquired
Opened
#298 CSR Subject from OPENSSL_CNF ignored
Opened
#299 Certificate file also contains chain for ACME v2
Opened
#300 Multiple algorithms for single sets of domains (by default)
Opened
#301 domain specific config file
Opened
#302 Incorrect TXT record with wildcard and non-wildcard in the same cert
Opened
#303 automatically use dns-01 to generate ca
Opened
#304 Wildcard & Base Domain: Two TXTs
Opened
#305 dehydrated with broken pipe in cat...
Opened
#306 wildcard only with dns01 ? how dns01 works ?
Opened
#307 dehydrated with zsh, sign_csr:86: challenge_identifiers: assignment to invalid subscript range
Opened
#308 Inconsistent naming of config files
Opened
#309 Dropping old ACMEv1 Support?
Opened
#310 ERROR: Challenge is invalid! (returned: ) (result: <<string>>)
Opened
#311 Better JSON parsing
Opened
#312 OCSP stapling file is updated after hooks are called
Opened
#313 Localhost setup
Opened
#314 accounts directory created in certificate directory
Opened
#315 set: pipefail: invalid option name
Opened
#316 ERROR: Validating this certificate is not possible using http-01. Possible validation methods are: dns-01
Opened
#317 [New Feature] - Enable putting dns challenge token creation inline with validation
Opened
#318 DNS validation and subdomains
Opened
#319 export path to config file for use by hook scripts
Opened
#320 Port 80 is open but timeout (Error 400)
Opened
#321 ACMEv2(?): Intermediary (chain) placed in fullchain.pem twice.
Opened
#322 dehydrated responds too quickly when using dns-01
Opened
#323 support generating keys for more than one key algorithm
Opened
#324 generate Merged (key + fullchain) output
Opened
#325 Issue with CAA DNS
Opened
#326 Keep getting `Must agree to subscriber agreement before any further actions`
Opened
#327 Add a qualifier for path to curl?
Opened
#328 How to configure apache with existing vhost redirect/proxypass/AuthType rule?
Opened
#329 Problem with dns validation
Opened
#330 Clean challenge via hook bug?
Opened
#331 Add options to specify certificates owner/group and permissions
Opened
#332 Feature: privilege separation
Opened
#333 Challenge is invalid! (returned: invalid)
Opened
#334 request_failure HEADERS parameter not documented
Opened
#335 dehydrated does not accept terms and services
Opened
#336 JWS has invalid anti-replay nonce
Opened
#337 DNS-01 hook for Yandex.PDD DNS hosting in PHP
Opened
#338 force renew fails
Opened
#339 An error occurred while sending post-request to http://my.domain/.well-known/acme-challenge/...
Opened
#340 Hook_chain being ignored
Opened
#341 Discussion: Bad DNS provider APIs
Opened
#342 ERROR: Challenge is invalid! (returned: invalid)
Opened
#343 Incorrect .pem files with recent versions
Opened
#344 adding certalias to deploy_cert ?
Opened
#345 dehydrated v0.6.1 fails to renew certificate
Opened
#346 Feature: Option to dry-run
Opened
#347 Remove dependency on sudo?
Opened
#348 JWS has no anti-replay nonce
Opened
#349 Does dehydrated fully support IDN's 'Internationalized Domain Names)?
Opened
#350 ERROR: Parsing error in config file
Opened
#351 Add option to ignore extra domains in existing and valid certificates
Opened
#352 How to use wildcard alt names with --domain flag?
Opened
#353 Hook bash for DNS-01 challenge for pratically every domain (with Cloudflare) > GOT!
Opened
#354 Script stops when run by cron
Opened
#355 HTTP challenge is invalid
Opened
#356 No module named builtins
Opened
#357 update wiki
Opened
#358 Add hook callback before privkey loading, e.g. "preload_cert"
Opened
#359 DOMAINS_D not in example config
Opened
#360 HOOK_CHAIN="no" ineffective anymore?
Opened
#361 Support for tls-alpn verification
Opened
#362 Resume reading domains.txt after failed validation
Opened
#363 Multiple domains.txt files?
Opened
#364 Feature request: TXT propogation delay
Opened
#365 dehydrated will not replace staging CA certs with real certs, after staging CA removed from config
Opened
#366 Challenge validation has failed
Opened
#367 Feature: config options per domain
Opened
#368 Get an error trying to renew (list index out of range)
Opened
#369 Challenge validation failed with error 403
Opened
#370 More than one hook script
Opened
#371 Can't validate challenge in --force update mode
Opened
#372 Idea: Only print certs actually being renewed
Opened
#373 I think I might have mucked up my config files
Opened
#374 request for wildcard-certificate and base certificate failed
Opened
#375 DuckDNS wildcard/sub-domains failure
Opened
#376 When there is an error, it removes domains.txt
Opened
#377 DNS problem: NXDOMAIN looking up TXT for _acme-challenge.
Opened
#378 Does not limit retries to letsencrypt APIs
Opened
#379 Please pass domains to startup_hook
Opened
#380 No hook for NSD
Opened
#381 Cannot use --signcsr : "Invalid character in DNS name"
Opened
#382 Command '--cron' meaning
Opened
#383 DNS-01 failed with multiple -d calls
Opened
#384 Call deploy_cert() in hooks-file with alias
Opened
#385 Verify config issue
Opened
#386 Anyone got a manifold or systemd file that you use in production for making dehydrated resign at given intervals?
Opened
#387 Please support http proxies for OCSP
Opened
#388 "No such file or directory" when generating certificates
Opened
#389 Invalid Character in DNS name when creating new auth
Opened
#390 Running as another user, perhaps ssl-cert
Opened
#391 Does dehydrated support TLSA record generation?
Opened
#392 Challenge validation has failed (apache reverse proxy)
Opened
#393 gift: script ro reload Apache2 by systemd timer script (no issue!)
Opened
#394 Script unexpectedly ends without error
Opened
#395 TLS-ALPN-01 support uses obsolete id-pe-acmeIdentifier OID
Opened
#396 dehydrated renewal
Opened
#397 tls-alpn-01 - urn:ietf:params:acme:error:unauthorized Status 403
Opened
#398 Implement POST-as-GET
Opened
#399 Failure reported by nsupdate. Bailing out!
Opened
#400 $SCRIPTDIR/config
Opened
#401 Upgrading from acme-v1 to acme-v2 causes problems
Opened
#402 exit_hook not called if invalid_challenge hook has been called before
Opened
#403 account 'id'
Opened
#404 Why was version 1 API removed
Opened
#405 Strange response from Challenge Validation (403)
Opened
#406 dehydrated for python?
Opened
#407 Suddenly "ERROR: Challenge is invalid!"
Opened
#408 Add an option to keep using the old IdenTrust cross-signed intermediate certificate until 2021
Opened
#409 should tls-acme-01 create a certificate per alias?
Opened
#410 A simple question on dns txt variable
Opened
#411 wildcard *.domain.name not send to hook
Opened
#412 missing id
Opened
#413 Operation to simply retrieve and output the Terms of Service URL
Opened
#414 dns-01 challenge fails with staging API v2: "Malformed account ID in KeyID header URL"
Opened
#415 buypass.com support?
Opened
#416 Consider making ECDSA (P-256) the default certificate type
Opened
#417 RFC 8555 incompatible account ID handling
Opened
#418 Using domain alias
Opened
#419 unbound variable
Opened
#420 Reinstate tests
Opened
#421 Challenge validation failed
Opened
#422 "keep going" suppresses the error status
Opened
#423 EC PARAMETERS in privkey.pem break postfix smtpd_tls_chain_file
Opened
#424 OCSP feature is undocumented
Opened
#425 setting DEHYDRATED_USER does not check uid first
Opened
#426 Strato Support?
Opened
#427 Help with deploy_challenge hook
Opened
#428 challenges fail when using 301 redirects
Opened
#429 dehydrated is not using the canonical Account URL
Opened
#430 dehydrated shouldn't send keyAuthorization in ACMEv2 challenge response
Opened
#431 dns-01: base-domain and wildcard: all challenge deploys are done before validation
Opened
#432 Order finalization should check that the order is "valid" before trying to download the certificate
Opened
#433 Suggestion : add support for DOMAINS_TXT on the command-line
Opened
#434 Malformed account ID in KeyID header
Opened
#435 Please add option --reuse-key
Opened
#436 cURL error 35, recent random failures to connect to LE
Opened
#437 Option to specify own Root CA
Opened
#438 remove tmp files after it have been used
Opened
#439 exit_hook is called at invalid_challenge and not at the end of the cron command
Opened
#440 JWS has no anti-replay nonce
Opened
#441 document $alias in hook script
Opened
#442 Wrong wiki link
Opened
#443 Dehydrated won't work with step-ca acme server / kid does not have required prefix
Opened
#444 "404 Expired authorization" when run in Cron
Opened
#445 hook.sh reload services only once after at least one domain change
Opened
#446 How to change from ACME v1 to ACME v2?
Opened
#447 Cant load .rnd into RNG
Opened
#448 WELLKNOWN directory doesn't exist, please create /etc/www/dehydrated and set appropriate permissions.
Opened
#449 Support setting CA in per-certificate config (DOMAINS_D or certs/…)
Opened
#450 operating system name is wrong in command_version()
Opened
#451 Challenge validation over https link
Opened
#452 01070277:3: The requested key (domain.com_2019-12-27.key) was not found.
Opened
#453 new-acct curl returned with 52
Opened
#454 dns-01 not working
Opened
#455 Feature-Request: Error Message if Hook-Script is broken
Opened
#456 how do i make sure i use acme-v2?
Opened
#457 Error: Challenge is invalid
Opened
#458 Symlinks not being updated, even thought new certificates are created
Opened
#459 error when using letsencrypt_acme_dns-01_challenge_hook.sh
Opened
#460 Beginning June 1, 2020, we will stop allowing new domains to validate using the ACMEv1 protocol
Opened
#461 hook.sh and waiting for DNS records to propagate
Opened
#462 multi-domains: behavior on failure to continue for each other entries
Opened
#463 check_dependencies doesn't check exec status nor for awk/sed
Opened
#464 Validating this certificate is not possible using dns-01. Possible validation methods are: http-01
Opened
#465 incorrect indentation of output
Opened
#466 sometimes certificated renew fails: Challenge is invalid!
Opened
#467 curl check regression
Opened
#468 Is it possible to register with LetsEncrypt with an email address?
Opened
#469 Renew certificate problem OpenSSL
Opened
#470 Example for no-ip
Opened
#471 Example ngnix configuration on the main page is wrong!
Opened
#472 Issue with two domains (master.tld *.master.tld) on same TXT record
Opened
#473 Account base64 representation is calculated with "\n"
Opened
#474 Dehydrated does not work with step-ca and http-01 challenge
Opened
#475 missing whitespace
Opened
#476 Dehydrated does not gracefully handle non-zero return codes from hook functions
Opened
#477 Is it possible to use CONTACT_EMAIL only for certain vhosts on a server?
Opened
#478 External Account Binding support.
Opened
#479 dehydrated does not work with DigiCert ACMEv2 API - token value confusion between challenge types
Opened
#480 dehydrated does not work with DigiCert ACMEv2 API - ACCOUNT_URL problem
Opened
#481 add hook for propagate_challenge
Opened
#482 SAN error generating cert for CNAME domain
Opened
#483 Allow for configure writing to different dir than BASEDIR (read-only FS)
Opened
#484 Allow multiple domains.txt in a domains.txt.d directory
Opened
#485 moving a domain between servers
Opened
#486 Enable --keep-going by default for cronjob-operations.
Opened
#487 Request: pass OCSP_MUST_STAPLE to hook script
Opened
#488 tls-alpn-01 key and certificate permissions too strict
Opened
#489 zsh: sign_csr:207: read-only variable: status
Opened
#490 Incompatibility with freebsd sed?
Opened
#491 failed to parse Keyfile
Opened
#492 Request: Insert affected domain in error message for unsuccessful API call
Opened
#493 can't update/renew
Opened
#494 Way to accomodate multiple CAs
Opened
#495 EXPECTED value GOT EOF
Opened
#496 ocsp fetch delay required after new cert was issued
Opened
#497 cURL error 3
Opened
#498 Request for retry loop for resiliency against curl error 35
Opened
#499 Upcoming intermediate transition
Opened
#500 Unknown hook sync-cert
Opened
#501 Question on config file
Opened
#502 Question: Does dehydrated support new API ? (Transition to ISRG’s Root delayed until Jan 11 2021)
Opened
#503 Add support for "preferred-chain" Issuer CA
Opened
#504 Nothing past merge of json.sh works on Entware / QNAP
Opened
#505 It is not possible to specify multiple domain names with this --domain parameter.
Opened
#506 OCSP fetch breaks down with libressl 2.9.1
Opened
#507 Option to continue fetching certificate if some alternative names don't work
Opened
#508 exit_hook isn't called after request_failure
Opened
#509 bogous ocsp response not updated
Opened
#510 RFC 8738 support?
Opened
#511 New release 0.7.0 ?
Opened
#512 certificate-specific config does not work with values containing space
Opened
#513 cert deployment should not be finished if ocsp fetch failed with must_staple enabled
Opened
#514 Can't get new cert
Opened
#515 Challenge validation has failed when running with cron
Opened
#516 Improvement: Retry logic
Opened
#517 Certificates issued with v 0.7.0 not working when applied to Kemp Loadmaster service
Opened
#518 Feature request: Wait Time
Opened
#519 Symlinks are not updating
Opened
#520 newOrder: support notAfter certificate validity
Opened
#521 Getting ERROR: Challenge is invalid (returned: invalid) : Redirect loop detected
Opened
#522 Bug reading nonce data from headers
Opened
#523 Silly question: How does one install dehydrated?
Opened
#524 Stale lock file prevents dehydrated from running
Opened
#525 Preferred chain: LetsEncrypt Subscriber Certificate < – R3 < – ISRG Root X1
Opened
#526 After upgrade to v2, I cannot sign certs anymore.
Opened
#527 DEHYDRATED_USER + --signcsr sends certificate output to stderr
Opened
#528 Undocumented how to deal w/ v1 deprecation
Opened
#529 Does dehydrated support listing of ISSUED certificates?
Opened
#530 Challenge validation has failed
Opened
#531 Switching CAs
Opened
#532 ERROR: Certificate signing request contains non-DNS Subject Alternative Names
Opened
#533 ERROR: Certificate signing request contains non-DNS Subject Alternative Names
Opened
#534 Sharing with the ssl-cert group
Opened
#535 Request : Dehydrated support for using ECDSA in account creation
Opened
#536 Challenge Validation Has failed- urn:ietf:params:acme:error:dns
Opened
#537 403 Error on letsencrypt tls-alpn-01
Opened
#538 EC keys: omit the "EC PARAMETERS" section (use ecparam -noout flag)
Opened
#539 allow using different challenge per domain
Opened
#540 Cron renew forgets certificates if one fails
Opened
#541 Not all promised environment variables available in hook script
Opened
#542 'org.pl' fails with ovh hook.
Opened
#543 deploy and validate one-by-one
Opened
#544 Support sequential validations instead parallel validations
Opened
#545 Add cmdline option to create a new dehydrated config directory
Opened
#546 Feature - if KEY_ALGO changed from algo of previously generated key - should ignore the 30 day renewal
Opened
#547 support alternate chains offered by the ACME
Opened
#548 allow ocsp fetching via proxy
Opened
#549 register fails when egrep doesn't support -a
Opened
#550 closed
Opened
#551 error when PREFERRED_CHAIN is specified but server does not provides altchains
Opened
#552 Support for new root chain by letsencrypt
Opened
#553 Unable to sign a CSR that contains multiple alt_names
Opened
#554 [critical] new call syntax regression breaks hook.sh deploy_challenge and probably clean_challenge
Opened
#555 SANs broken since 31st
Opened
#556 dehydrated issues certificate chains leading to expired root
Opened
#557 invalid cert chain with old "DST ROOT" cert -> change default behavior
Opened
#558 RFC8555#7.3.4
Opened
#559 We are migrating our servers and I was wondering how to maintain the same let's encrypt account (id, keys).
Opened
#560 Log4J
Opened
#561 zsh errexit causes failed grep to exit
Opened
#562 Signing a CSR for a second time gets stuck at the step - "Responding to challenge for fqdn.domain authorization"
Opened
#563 tmp files for openssl cnf files are not cleaned up in error case
Opened
#564 Creating of *.pem of symlinks is not atomic
Opened
#565 try checking cert revocation status unconditionally
Opened
#566 List of Variables That are Passed to hook.sh?
Opened
#567 ECDSA Support
Opened
#568 Support to clear pending authorizations
Opened
#569 Support IP SAN entries
Opened
#570 Please check your hook script, it should exit cleanly without doing anything on unknown/new hooks
Opened
#571 Some minor suggestions to improve [man page](docs/man/dehydrated.1)
Opened
#572 Trigger release
Opened
#573 Internationalized Domain Name
Opened
#574 Compare with ACME.sh
Opened
#575 Question - DNS Challenge: Provider has no DNS API
Opened
#576 Text for new file, docs/CertDeployment
Opened
#577 Error creating new order
Opened
#578 no renewal with pebble
Opened
#579 Future of dehydrated (dead?)
Opened
#580 dynamic subzone for DNS 2136 update
Opened
#581 Let's Encrypt "Service Busy" response
Opened
#582 Alias via domains.txt broken?
Opened
#583 Lets Encrypt returning 400 Bad Request for certificate signing requests?
Opened
#584 Scripts on Postrun-hooks.d need to have a way to run in order.
Opened
#585 egrep: warning: egrep is obsolescent; using grep -E
Opened
#586 Validate challenges after deploy_challenge
Opened
#587 dehydrated seems donot use really X1 ?
Opened
#588 Hijacked links on Wiki
Opened
#589 example of haproxy deploy_challenge/clean_challenge hook
Opened
#590 dehydrated -c silently fails to renew certificates using zsh
Opened
#591 How to upgrade the key alogorithm
Opened
#592 how to start using this when you already have an account?
Opened
#593 Failing with curl error 35 leaves invalid PEM file
Opened
#594 DNS01 hook - freemyip.com
Opened
#595 /bin/config: line 6: use: command not found
Opened
#596 Failed to renew - Problem connecting to server [FreeBSD, curl, SSL cert problem]
Opened
#597 hook.sh: line 217: $1: unbound variable
Opened
#598 empty
Opened
#599 Add support for Google Trust Services ACME
Opened
#600 Argument to get certalias in hook script
Opened
#601 hexdump is a linux only tool
Opened
#602 Local file write when using http-01 and hook script
Opened
#603 Managing multiple certificates and servers
Opened
#604 OVH hooks in bash
Opened
#605 Incorrect validation certificate for tls-alpn-01 challenge
Opened
#606 Failing with error "/usr/bin/env: ‘bash\\r’: No such file or directory"
Opened
#607 Will dehydrated be broken after Sep 30th, 2024?
Opened
#608 The problem of getting a certificate from staging mode
Opened
#609 Preserve cert alias case
Opened
#610 Phase in key rollover
Opened
#611 need help configuring things that the docs don't mention
Opened
#612 Selfhost.(de|eu) hook
Opened
#613 Respect domain-specific hooks when using dns-01 challenge type
Opened
#614 Dehydrated gets confused by openssl req -verify output.
Opened
#615 init config file
Opened
#616 Do I need to define all hook functions?
Opened
#617 New Hook for Rcode0 - DNS Automation
Opened
#618 E-Mail from buypass informing about changes, dehydrated stopped working immediately
Opened
#619 DNS challenges seem to be doubled - is this expected behavior?
Opened
#620 Self-Signed revoke documented but not working
Opened
#621 Option to disable registration_info.json backups when running --account
Opened
#622 Doesn't pass environment variables when run via sudo
Opened
#623 Help! Error: Received certificate which is not self-signed.
Opened
#624 Please do a release
Opened
#625 A longer delay may be needed after deploying a DNS-01 challenge
Opened
#626 Parameter --ca priority?
Opened
#627 New hook for using dns-01 with deSEC
Opened
#628 new hooks for bulk handling
Opened
#629 Letsencrypt changes broke dehydrated
Opened
#630 LetsEncrypt removing OCSP-Support 30. Jan 2025
Opened
#631 openssl 3.2+ support (Warning: Will read cert request from stdin since no -in option is given)
Opened
#632 Issue: Timeout during certificate renewal process
Opened
#633 Support ACME Renewal Information (ARI)
Opened
#634 --signcsr works on RHEL 8 but not on RHEL 9
Opened
#635 Privkey size is very small
Opened
#636 Support Certificate Profiles
Opened
#637 Set default RENEW_DAYS=32
Opened
#638 is this project dead or sleeping now?
Opened
#639 Registration to CA requires a DNS hook if config has CHALLENGETYPE="dns-01" set
Opened
#640 dehydrated-0.7.2.tar.gz.asc is not a detached signature
Opened
#641 Let's Encrypt / OCSP
Opened
#642 Support CLI arguments for contact e-mail address, EAB_KID and EAB_HMAC_KEY
Opened
#643 Don't rename certificate if it's not actually revoked
Opened
#644 editing wiki not available anymore
Opened
#645 DNS01 Hook - Luadns.com - Add to Wiki?
Opened
#646 openssl checkend always with exit 0
Opened
#647 Temp files not being cleaned up
Opened
#648 Support EAB without challengetype
Opened
#649 Renewing every run since last commit
Opened
#650 Dynamic renewal timing
Opened
#651 Bug in expiry time calculation
Opened
#652 [PR #1] [MERGED] fix registration, certificate creation and minor fixes
Opened
#653 [PR #6] [CLOSED] style: shellcheck
Opened
#654 [PR #8] [CLOSED] make openssl keysize configurable
Opened
#655 [PR #7] [MERGED] add challenge hook and minor fixes/improvements
Opened
#656 [PR #9] [CLOSED] Check expire date of existing certs
Opened
#657 [PR #10] [CLOSED] don't overwrite certificate files
Opened
#658 [PR #11] [MERGED] fixed logic to check status from our challenge
Opened
#659 [PR #12] [MERGED] generate a new private key for each csr if the user wishes so
Opened
#660 [PR #13] [MERGED] show expire date when we don't need to renew a certifcate
Opened
#661 [PR #14] [CLOSED] Add sed as a parameter variable in order to be able to specify the sed version that must be used.
Opened
#662 [PR #16] [CLOSED] Store keys and certs in $BASEDIR
Opened
#663 [PR #15] [CLOSED] Cleaner outputs
Opened
#664 [PR #17] [CLOSED] Openssl.cnf parameter
Opened
#665 [PR #21] [CLOSED] implement revoke
Opened
#666 [PR #22] [CLOSED] Hook post creation
Opened
#667 [PR #24] [CLOSED] add HOOK_POST_CREATION
Opened
#668 [PR #23] [CLOSED] help text and initial code for command parameter
Opened
#669 [PR #25] [CLOSED] add HOOK_POST_CREATION
Opened
#670 [PR #28] [CLOSED] add HOOK_POST_CREATION
Opened
#671 [PR #27] [CLOSED] Post Challenge & New Cert Hooks
Opened
#672 [PR #30] [CLOSED] add CONTACT_EMAIL option on registration
Opened
#673 [PR #33] [MERGED] Move cleaning challenge in order to clean when challenge is valid and when challenge is invalid.
Opened
#674 [PR #29] [CLOSED] A single HOOK to handle challenge, cleaning of challenge files and uploading of certs.
Opened
#675 [PR #35] [CLOSED] help text and initial code for command parameter -- second try
Opened
#676 [PR #36] [CLOSED] Hook for deploying certs via ssh
Opened
#677 [PR #39] [CLOSED] remove --sign in favor of two options "--force" and "--domain"
Opened
#678 [PR #37] [MERGED] fix logic if private key is specified via command line option
Opened
#679 [PR #40] [MERGED] Don't use SCRIPTDIR
Opened
#680 [PR #41] [CLOSED] Update $WELLKNOWN default dir
Opened
#681 [PR #44] [MERGED] bugfix: keep configured PRIVATE_KEY
Opened
#682 [PR #49] [MERGED] remove command --sign in favor of two parameters "--force" and "--domain"
Opened
#683 [PR #53] [CLOSED] two revoke fixes
Opened
#684 [PR #52] [CLOSED] replace pcre-ism with posix class
Opened
#685 [PR #55] [CLOSED] force a renew if given domain name(s) don't match the domain name(s) …
Opened
#686 [PR #54] [MERGED] fix: --domain/-d is a parameter and not a command!
Opened
#687 [PR #56] [CLOSED] add perl shebang
Opened
#688 [PR #59] [MERGED] when using printf, we do not need inline expansion of variables
Opened
#689 [PR #62] [CLOSED] Tiny tidy up commits
Opened
#690 [PR #58] [CLOSED] Added WELLKNOWN Apache 2.4 example
Opened
#691 [PR #61] [CLOSED] Added nginx.conf.example
Opened
#692 [PR #65] [CLOSED] Update README.md: Remove unnecessary the
Opened
#693 [PR #64] [CLOSED] better use grep -q insted of output redirection
Opened
#694 [PR #68] [MERGED] Renew certificate 30 days before expiration
Opened
#695 [PR #71] [MERGED] Changed shebang of import-certs.sh to #!/usr/bin/env bash
Opened
#696 [PR #69] [MERGED] fix typo in test.sh (ngrok not found)
Opened
#697 [PR #75] [CLOSED] add support for dns-01 challenge
Opened
#698 [PR #76] [MERGED] make hook a command line parameter
Opened
#699 [PR #78] [CLOSED] fix bug #60 - problem with tab and multiple spaces in domain.txt
Opened
#700 [PR #77] [MERGED] add support for dns-01 challenge - try 2
Opened
#701 [PR #73] [CLOSED] Also concatenate privkey.pem and cert.pem to to privcert.pem. This is needed for e.g. pure-ftpd
Opened
#702 [PR #81] [MERGED] Remove home path from config.sh.example
Opened
#703 [PR #80] [CLOSED] Add cleanup command to delete old files
Opened
#704 [PR #82] [MERGED] Require $WELLKNOWN only when using http-01.
Opened
#705 [PR #85] [MERGED] Added missing space before exit code.
Opened
#706 [PR #86] [MERGED] Check if directory for LOCKFILE is writable.
Opened
#707 [PR #95] [MERGED] Add ability to sign "arbitrary" CSRs
Opened
#708 [PR #88] [MERGED] I's are important
Opened
#709 [PR #89] [MERGED] add support for Elliptic Curve Cryptography (ECC)
Opened
#710 [PR #98] [MERGED] Respect configured BASEDIR for default values
Opened
#711 [PR #97] [MERGED] Fix possibly broken syntax highlighting
Opened
#712 [PR #99] [MERGED] Add conf.d support
Opened
#713 [PR #103] [MERGED] Retain full result when submitting challenge. Fixes #102
Opened
#714 [PR #107] [MERGED] Add hook script example.
Opened
#715 [PR #106] [CLOSED] Fix issue 101
Opened
#716 [PR #100] [MERGED] Add detail as to how dns-01 hook works
Opened
#717 [PR #110] [CLOSED] read domains into temporary file and array to allow stdin to function…
Opened
#718 [PR #109] [CLOSED] Make letsencrypt.sh zsh-compatible
Opened
#719 [PR #111] [MERGED] The dns-01 support is now available in production
Opened
#720 [PR #113] [MERGED] pass IO descriptors to HOOK transparently
Opened
#721 [PR #114] [CLOSED] Add option to chain challenge hook arguments. Fixes #79.
Opened
#722 [PR #115] [CLOSED] Check all certificate expiration dates
Opened
#723 [PR #118] [MERGED] Added LOCKFILE to config.sh.example
Opened
#724 [PR #133] [CLOSED] check if curl is able to reach letsencrypt via http and https.
Opened
#725 [PR #136] [CLOSED] merge letsencrypt.sh
Opened
#726 [PR #135] [MERGED] Updated Readme with rate limit warning + staging URL
Opened
#727 [PR #140] [CLOSED] Add RPM spec for CentOS
Opened
#728 [PR #137] [CLOSED] load config in cleanup function
Opened
#729 [PR #141] [MERGED] Handle case where no files to cleanup exist.
Opened
#730 [PR #143] [MERGED] Use /usr/bin/env bash shebang
Opened
#731 [PR #139] [MERGED] Skip non-folder entries on cleanup.
Opened
#732 [PR #144] [MERGED] Pass intermediate cert to hook script
Opened
#733 [PR #146] [CLOSED] Make path to openssl binary configurable.
Opened
#734 [PR #151] [MERGED] allow spaces in path to additional configuration file
Opened
#735 [PR #148] [CLOSED] New hook deploy_certs which calls once after all certificates is issued.
Opened
#736 [PR #155] [CLOSED] Add support for --keep-going in cron mode
Opened
#737 [PR #159] [MERGED] [doc] Update README.md
Opened
#738 [PR #156] [CLOSED] pass timestamp and key_algo to deploy hook
Opened
#739 [PR #157] [MERGED] Add hook for unchanged certificates.
Opened
#740 [PR #167] [MERGED] Example of DNS record
Opened
#741 [PR #165] [MERGED] Use of 'grep -o' doesn't work on SunOS (fixes #164)
Opened
#742 [PR #169] [CLOSED] Make temp files identifiable and remove unnecessary eval
Opened
#743 [PR #172] [MERGED] Keep registration information as json.
Opened
#744 [PR #173] [CLOSED] Using alias instead of root in cases where root does not work
Opened
#745 [PR #174] [CLOSED] Adding the ability to build a Debian package
Opened
#746 [PR #177] [CLOSED] add hook-example howto convert certs to java keystore file
Opened
#747 [PR #184] [MERGED] wellknown.md: Clarify WELLKNOWN variable
Opened
#748 [PR #179] [CLOSED] Configuration stubs and validation hooks for use on QNAP devices
Opened
#749 [PR #201] [MERGED] Update wellknown.md
Opened
#750 [PR #188] [CLOSED] start of python hook example
Opened
#751 [PR #200] [CLOSED] Adding --testCA for testing on Let's Encrypt staging API
Opened
#752 [PR #202] [CLOSED] Fix issues on 2016-05-18. Remove new lines from json response.
Opened
#753 [PR #210] [MERGED] Make certificate output location configurable
Opened
#754 [PR #204] [MERGED] Make location of domains.txt configurable
Opened
#755 [PR #211] [MERGED] Check that the detected config is a file
Opened
#756 [PR #214] [MERGED] Include method and URL in curl error
Opened
#757 [PR #218] [CLOSED] letsencrypt.sh#217: FreeBSD sed doesn't parse challenges properly
Opened
#758 [PR #219] [CLOSED] make dependency check work for non-gnu diff
Opened
#759 [PR #223] [CLOSED] fix mktemp arg quoting
Opened
#760 [PR #222] [CLOSED] Fixed the Nginx example
Opened
#761 [PR #224] [MERGED] Add Lighttpd example to wellknown.md
Opened
#762 [PR #225] [CLOSED] Fix domain name check from certificate.
Opened
#763 [PR #226] [CLOSED] Fetch WELLKNOWN from environment if available
Opened
#764 [PR #228] [CLOSED] added wait time for the locking mechanism
Opened
#765 [PR #242] [MERGED] Introduce per cert configuration directory DOMAINS_D
Opened
#766 [PR #231] [MERGED] Added option to select IP version of name to address resolution
Opened
#767 [PR #244] [CLOSED] Make umask a bit less paranoid
Opened
#768 [PR #247] [CLOSED] Update staging.md
Opened
#769 [PR #251] [CLOSED] Update missing config message
Opened
#770 [PR #254] [MERGED] Fix default license help text in example config
Opened
#771 [PR #253] [MERGED] Make example hook.sh file executable.
Opened
#772 [PR #260] [MERGED] ECDSA is supported since February 10, 2016
Opened
#773 [PR #256] [CLOSED] Merge from lukas2511/master
Opened
#774 [PR #259] [MERGED] Update staging doc
Opened
#775 [PR #262] [CLOSED] Retry invalid challenge responses, limit retries to 5.
Opened
#776 [PR #261] [CLOSED] Retry invalid challenge responses, set number of retries to NUMBER
Opened
#777 [PR #265] [CLOSED] changes to process
Opened
#778 [PR #266] [CLOSED] Fix config logic for revoke command.
Opened
#779 [PR #264] [CLOSED] filter commonName
Opened
#780 [PR #269] [CLOSED] Adding the invalid_challenge and request_failure hooks
Opened
#781 [PR #272] [CLOSED] Debian packaging for dehydrated
Opened
#782 [PR #277] [CLOSED] add --create-dirs flag
Opened
#783 [PR #278] [MERGED] Adding the invalid_challenge hook
Opened
#784 [PR #280] [CLOSED] fix some README typos
Opened
#785 [PR #283] [CLOSED] Fix request new certificate if authorization valid
Opened
#786 [PR #286] [CLOSED] Create Alpine based Dockerfile
Opened
#787 [PR #289] [CLOSED] * Add debian package scripts
Opened
#788 [PR #287] [MERGED] Add new parameter --lock-suffix.
Opened
#789 [PR #291] [CLOSED] Output in PKCS#12 format
Opened
#790 [PR #292] [CLOSED] Dockerfile: Add Docker support
Opened
#791 [PR #293] [MERGED] Skip challenge for already validated domains
Opened
#792 [PR #294] [MERGED] Basic implementation for private key rollover
Opened
#793 [PR #298] [CLOSED] Keep code quality high with shellcheck
Opened
#794 [PR #301] [MERGED] Hint on how to set config options
Opened
#795 [PR #300] [MERGED] examples/hook: no bashism
Opened
#796 [PR #299] [MERGED] fix lighttpd syntax
Opened
#797 [PR #311] [CLOSED] Fixing "$1 not set" for HANDLER var
Opened
#798 [PR #319] [MERGED] Minor Grammar Stuff
Opened
#799 [PR #321] [MERGED] Test for case when challenge_altnames is empty
Opened
#800 [PR #325] [CLOSED] Fix: bash to sh notation on invalid_challenge() hook
Opened
#801 [PR #326] [MERGED] Adding the request_failure hook
Opened
#802 [PR #327] [CLOSED] Update domains_txt.md
Opened
#803 [PR #339] [CLOSED] Debianized
Opened
#804 [PR #349] [MERGED] The example hook script uses bash test regex
Opened
#805 [PR #343] [CLOSED] Changed a fatal to non-fatal to be able to continue parsing domains.t…
Opened
#806 [PR #336] [CLOSED] per issue #335, updating documentation with slight change to config file
Opened
#807 [PR #354] [CLOSED] Support dynamic domains list
Opened
#808 [PR #350] [CLOSED] Don't require WELLKNOWN for register command
Opened
#809 [PR #352] [CLOSED] Add "command_version" to display current version with --version or -v
Opened
#810 [PR #357] [CLOSED] dont strip when cwd is /
Opened
#811 [PR #361] [CLOSED] Update contact of account
Opened
#812 [PR #362] [CLOSED] Update to allow for post-deploy commands
Opened
#813 [PR #364] [CLOSED] Support for storing challenge to a file
Opened
#814 [PR #367] [CLOSED] Enable alternate domain file location
Opened
#815 [PR #369] [CLOSED] Fix typos
Opened
#816 [PR #373] [CLOSED] Add MSYS support
Opened
#817 [PR #381] [CLOSED] Error logging
Opened
#818 [PR #377] [CLOSED] use existing CSR in cron mode.
Opened
#819 [PR #393] [CLOSED] Allow to use a different openssl binary than system default openssl
Opened
#820 [PR #388] [CLOSED] Added new feature Update registration contact #239
Opened
#821 [PR #386] [CLOSED] DNS-01 challenge response only after DNS propagation
Opened
#822 [PR #395] [CLOSED] Ability to provide extra curl options
Opened
#823 [PR #394] [CLOSED] Support older bash releases
Opened
#824 [PR #401] [CLOSED] Add some formatting to improve human scannability (while reading)
Opened
#825 [PR #400] [CLOSED] add cert alias, fixing #396
Opened
#826 [PR #406] [CLOSED] Add some comments about IPv6.
Opened
#827 [PR #417] [CLOSED] Added hardlink support, changed spacing in help
Opened
#828 [PR #412] [CLOSED] add host for OCSP request
Opened
#829 [PR #434] [CLOSED] Add optional user and group configuration
Opened
#830 [PR #424] [CLOSED] configurable OPENSSL variable for each certificate.
Opened
#831 [PR #429] [CLOSED] fix issue #426 - version info on FreeBSD
Opened
#832 [PR #435] [CLOSED] Add man page
Opened
#833 [PR #436] [CLOSED] #108 --check
Opened
#834 [PR #443] [CLOSED] #396 alias take 2
Opened
#835 [PR #438] [CLOSED] replace backticks on errtxt
Opened
#836 [PR #437] [CLOSED] Restart nginx after certification
Opened
#837 [PR #444] [CLOSED] fix ocsp.der symlink
Opened
#838 [PR #456] [CLOSED] Update wellknown.md
Opened
#839 [PR #446] [MERGED] fix --account command backup file path generation
Opened
#840 [PR #453] [CLOSED] retry post if 500 and echo warning to stdout
Opened
#841 [PR #457] [CLOSED] be more verbose on OCSP stapling file updates
Opened
#842 [PR #463] [CLOSED] --domain param accepts filename to change domains.txt
Opened
#843 [PR #464] [CLOSED] Acme v02 api support
Opened
#844 [PR #466] [CLOSED] Fix grammer error in the manpage
Opened
#845 [PR #467] [CLOSED] openssl: do not use -out when generating private keys
Opened
#846 [PR #469] [CLOSED] Add ^~ to nginx location block
Opened
#847 [PR #473] [MERGED] Fix globbing of CONFIG_D *.sh files
Opened
#848 [PR #471] [CLOSED] Devops 1328 new certs
Opened
#849 [PR #482] [CLOSED] Include name of script when exiting on a fatal error (fixes #481)
Opened
#850 [PR #485] [CLOSED] fixed "sed: invalid option -- 'E'"
Opened
#851 [PR #472] [CLOSED] Add example hook script for Gitlab pages
Opened
#852 [PR #502] [CLOSED] Improve documentation on wildcards
Opened
#853 [PR #514] [CLOSED] Add ocsp_update hook
Opened
#854 [PR #512] [CLOSED] add example for wildcard entry
Opened
#855 [PR #529] [CLOSED] added fullkeyandchain.pem support
Opened
#856 [PR #517] [CLOSED] fix date in man page
Opened
#857 [PR #532] [CLOSED] Removed HOOK_CHAIN if condition for hooks request_failure and invalid…
Opened
#858 [PR #531] [CLOSED] Removed HOOK_CHAIN if condition preventing execution of hooks with HO…
Opened
#859 [PR #541] [CLOSED] Fix small typo in README.md
Opened
#860 [PR #538] [CLOSED] deploy_ocsp timestamp parameter in example hook file is wrong
Opened
#861 [PR #543] [CLOSED] Update logo to better quality
Opened
#862 [PR #560] [CLOSED] Fixes #559 : grep ignore case for HTTP headers
Opened
#863 [PR #553] [CLOSED] Move hook challenge deployment into loop
Opened
#864 [PR #557] [CLOSED] New hook to be called before challenge validation
Opened
#865 [PR #574] [CLOSED] Adds keep_going parameter to example config file
Opened
#866 [PR #582] [CLOSED] issue #575
Opened
#867 [PR #593] [CLOSED] Add support for non-decimal integer account ID
Opened
#868 [PR #587] [CLOSED] adding new CLI Command (--cleanupdelete / -gcd)
Opened
#869 [PR #609] [CLOSED] Ensure files are written to disk before symlink
Opened
#870 [PR #592] [CLOSED] Delete CHANGELOG
Opened
#871 [PR #602] [CLOSED] allow setting OCSP_FETCH and OCSP_DAYS per certificate config
Opened
#872 [PR #611] [CLOSED] Defer verification of domain-specific config options for --cron
Opened
#873 [PR #613] [CLOSED] Add sleep timer for dns-01 challenges
Opened
#874 [PR #617] [CLOSED] support mksh as executing shell
Opened
#875 [PR #616] [CLOSED] export HOOK_CHAIN when calling HOOK
Opened
#876 [PR #614] [CLOSED] per-certificate-config can override PRIVATE_KEY_ROLLOVER var
Opened
#877 [PR #618] [CLOSED] require only basic RE of sed(1) and no POSIX character classes
Opened
#878 [PR #619] [CLOSED] support running on MirBSD
Opened
#879 [PR #632] [CLOSED] x
Opened
#880 [PR #620] [CLOSED] improve intro documentation
Opened
#881 [PR #635] [CLOSED] Add --single to only process a single line of domains.txt
Opened
#882 [PR #639] [CLOSED] Wait if order status is processing
Opened
#883 [PR #642] [CLOSED] Split long lines in domain.txt
Opened
#884 [PR #637] [CLOSED] Default BASEDIR to /etc if installed to /usr/bin
Opened
#885 [PR #648] [CLOSED] fetch missing id
Opened
#886 [PR #640] [CLOSED] added wiki link to readme
Opened
#887 [PR #656] [CLOSED] libressl compability for ocsp_fetch
Opened
#888 [PR #662] Split long lines in domains.txt (revised)
Opened
#889 [PR #663] [CLOSED] Fix all ShellCheck errors and warnings
Opened
#890 [PR #667] [CLOSED] cleanup: also do cleanup if symlink is broken
Opened
#891 [PR #666] [CLOSED] Only check existing certs when necessary
Opened
#892 [PR #669] [CLOSED] changing how we fetch the account id from the Location
Opened
#893 [PR #675] [CLOSED] FIX dns-01 domain + wildcard walidation (#674)
Opened
#894 [PR #682] [CLOSED] just a missing quote
Opened
#895 [PR #679] [CLOSED] Add missing " in hook example
Opened
#896 [PR #685] [CLOSED] Fix link in dns-verification.md
Opened
#897 [PR #700] [CLOSED] fetching original updates
Opened
#898 [PR #693] [CLOSED] docs: use service instead of systemctl in the examples
Opened
#899 [PR #712] [CLOSED] OSCP instead of OCSP if file still valid
Opened
#900 [PR #704] [CLOSED] Get OS from /etc/os-version instead of /etc/issue
Opened
#901 [PR #716] [CLOSED] Check for openssl/awk/sed and all are executable
Opened
#902 [PR #722] [CLOSED] Add mark release
Opened
#903 [PR #721] [CLOSED] Add mark release
Opened
#904 [PR #718] [CLOSED] Fix curl check regression and simplify
Opened
#905 [PR #726] [MERGED] Fix challenge response POST body in ACMEv2
Opened
#906 [PR #725] [CLOSED] Fix typo "implicitly"
Opened
#907 [PR #727] [MERGED] Fix account URL
Opened
#908 [PR #739] [CLOSED] Fix for issue #738 - support DigiCert ACMEv2 API behaviour
Opened
#909 [PR #735] [CLOSED] Fix tls-alpn-01 configuration example
Opened
#910 [PR #728] [CLOSED] Don't assume order status to be valid, retry if needed
Opened
#911 [PR #740] [CLOSED] doc/examples/hook.sh typo fix
Opened
#912 [PR #745] [CLOSED] removed tmp file in 'generate_alpn_certificate' function
Opened
#913 [PR #758] [CLOSED] sudo: fix for #665 and avoid silent failure on error
Opened
#914 [PR #748] [CLOSED] Fix #747 by enabling keep-going by default, add --abort-on-error
Opened
#915 [PR #741] [CLOSED] Fix typo in comment
Opened
#916 [PR #754] [CLOSED] Fix #753: make alpn certificated and key group readable
Opened
#917 [PR #759] [CLOSED] Support DigiCert ACMEv2 API behaviour
Opened
#918 [PR #764] [CLOSED] add more CA presets
Opened
#919 [PR #760] [CLOSED] implement account deactivation through --deactivate parameter
Opened
#920 [PR #761] [CLOSED] Replace \s with [[:space:]] for compatibility
Opened
#921 [PR #765] [MERGED] fix OS name detection
Opened
#922 [PR #780] [CLOSED] Support secp521r1 keys
Opened
#923 [PR #766] [CLOSED] add --show-terms to display the URL for the current ToS
Opened
#924 [PR #784] [CLOSED] Fix OCSP_FETCH with libressl
Opened
#925 [PR #773] [CLOSED] Merging from base repo
Opened
#926 [PR #788] [CLOSED] force-renew certificates when switching ACME providers
Opened
#927 [PR #791] [CLOSED] fix parsing cert-specific config
Opened
#928 [PR #790] [CLOSED] fix parsing certificate-specific config
Opened
#929 [PR #795] [CLOSED] Support for LibreSSL version of openssl on macOS
Opened
#930 [PR #797] [CLOSED] add -t tls-alpn-01 to command line help
Opened
#931 [PR #796] [CLOSED] Support for LibreSSL version of openssl on macOS
Opened
#932 [PR #798] [CLOSED] Per-certificate config fixes
Opened
#933 [PR #803] [CLOSED] Updating nonce handler for newer versions of F5
Opened
#934 [PR #804] [MERGED] document using -t tls-alpn-01 with lighttpd
Opened
#935 [PR #810] [CLOSED] Support reading domains from drop-in snippets in domains.txt.d
Opened
#936 [PR #809] [CLOSED] Acme update
Opened
#937 [PR #811] [CLOSED] Add more examples to show case how to create certs
Opened
#938 [PR #812] [CLOSED] Update staging.md to use ACMEv2 server
Opened
#939 [PR #815] [CLOSED] ensure newline before new section in openssl.cnf
Opened
#940 [PR #814] use flock for stale lock file handling
Opened
#941 [PR #829] [CLOSED] Remove debug echo in command_cleanup()
Opened
#942 [PR #840] [CLOSED] Better handling around grep/awk
Opened
#943 [PR #841] [CLOSED] Use consistent indent in hook.sh
Opened
#944 [PR #846] [CLOSED] Fix command_version on Darwin/macOS 11
Opened
#945 [PR #847] [CLOSED] Fix hook based challenges if the same domain appears twice or more
Opened
#946 [PR #848] [CLOSED] Make CHALLENGETYPE available in Hook.
Opened
#947 [PR #861] [CLOSED] doc: replace unknown ecdsa algorithm reference
Opened
#948 [PR #866] [CLOSED] Replace all escaped slashes in json strings
Opened
#949 [PR #862] Add BACKOFF config option and --retry-failures option
Opened
#950 [PR #868] [CLOSED] egrep is deprecated
Opened
#951 [PR #871] [CLOSED] Update to 0.7.0
Opened
#952 [PR #875] [CLOSED] improve man page based on feedback from debian-l10n-english (#873)
Opened
#953 [PR #877] [CLOSED] Add check for head/tail
Opened
#954 [PR #878] [CLOSED] Add missing checks and fix hexdump output
Opened
#955 [PR #890] [CLOSED] egrep -> grep -E
Opened
#956 [PR #885] [CLOSED] Replace "egrep" with "grep -E"
Opened
#957 [PR #923] [CLOSED] Ignore output of 'openssl req -verify'.
Opened
#958 [PR #893] [CLOSED] Provide examples for running under SystemD
Opened
#959 [PR #925] [CLOSED] Update repo url in man1 page
Opened
#960 [PR #915] [CLOSED] Proxy-option for openssl-ocsp stapling
Opened
#961 [PR #926] Add a check for a change of key between CSR and existing cert.
Opened
#962 [PR #929] [CLOSED] Suppress openssl warning about reading from stdin.
Opened
#963 [PR #928] [CLOSED] Retry deploy_cert on later dehydrated runs.
Opened
#964 [PR #932] Support custom certificate lifetime
Opened
#965 [PR #930] Fix an occasional broken pipe error message.
Opened
#966 [PR #935] Skip account lookup on self-signed revoke, fixes #934
Opened
#967 [PR #940] [CLOSED] Disable warning when reading CSRs from stdin.
Opened
#968 [PR #936] [CLOSED] Update dehydrated repo urls in man page
Opened
#969 [PR #944] [CLOSED] Add support for Google Trust Services.
Opened
#970 [PR #943] dehydrated#910 hexdump not always available
Opened
#971 [PR #952] [CLOSED] Correct indentation of visible output
Opened
#972 [PR #956] [CLOSED] implemented certificate profile selection (draft-aaron-acme-profiles-00)
Opened
#973 [PR #959] Implement ARI support when checking certificate renewal
Opened
#974 [PR #954] Include local overrides for hook.sh functions
Opened
#975 [PR #953] Improve trap handling
Opened
#976 [PR #964] [CLOSED] Add --acme-profile option to specify ACME profile in README.md
Opened
#977 [PR #972] [CLOSED] Don't allow CDN's to send cached responses
Opened
#978 [PR #966] [CLOSED] check for existence of ocsp responder if OCSP_FETCH="yes" is set
Opened
#979 [PR #973] remove unnecessary fields from ALPN certificate
Opened
#980 [PR #968] fix misleading doc
Opened
#981 [PR #974] Replace hexdump but the more available od command
Opened
#982 [PR #986] Allow to override user agent with CURL_OPTS
Opened
#983 [PR #983] allow challenge to be "none" in cases where the ca relies on eab only
Opened
#984 [PR #978] Make hexdump optional with xxd and od replacements
Opened
#985 [PR #977] Support Single-TXT Record Providers like DuckDNS