20c27b291c
Add more examples to show case how to create certs
...
e.g. with different key algorithms
2021-03-29 20:19:41 +02:00
374fce0249
document using -t tls-alpn-01 with lighttpd
2021-03-21 20:42:23 +01:00
527933db24
Per-certificate config fixes
...
- Ensure that all per-certificate settings are saved and restored in
store_configvars() and reset_configvars() - that's what makes them
per-certificate in the first place...
- Add OCSP_FETCH and OCSP_DAYS in the documented list of supported
per-certificate configs, since the code does allow these.
2021-02-18 16:51:14 +01:00
082da2527c
preparing for release 0.7.0
2020-12-10 16:54:26 +01:00
7dfde364a3
added support for requesting preferred-chain instead of default chain
2020-11-13 20:36:51 +01:00
60cb678e3b
add more CAs, now that support for CA presets is implemented
...
- letsencrypt-test (LE staging CA)
- buypass (verified to work with the new json parsing, see #653 )
- buypass-test analogously
2020-09-27 20:41:34 +02:00
a9a64c9fd0
use presets for some CAs instead of requiring full urls
2020-09-14 16:37:16 +02:00
42a0fc9a5e
fix tls-alpn-01 configuration example
2020-07-05 22:30:38 +02:00
e119d9136b
fixed some typos ( fixes #725 , fixes #741 , fixes #740 )
2020-07-05 22:29:57 +02:00
9827a411b3
removed instructions for importing from "official" client (certbot) as it probably doesn't work anymore and there isn't really much use for it anyway
2020-04-28 21:29:24 +02:00
4a55f93896
fix link to wiki in documentation ( fixes #690 )
2020-04-28 21:27:49 +02:00
74a536c161
added documentation about possible future removal of api version 1
2019-03-04 23:23:40 +01:00
133e31de0b
tiny documentation fix: per-certificate-config can override PRIVATE_KEY_ROLLOVER ( closes #614 )
2019-03-03 20:38:47 +01:00
e4a32acbe2
new hook: sync_cert ( closes #609 )
2019-03-03 20:22:41 +01:00
1c77730373
call exit_hook with error message ( fixes #630 )
2019-03-03 20:08:18 +01:00
92aa1ecd5a
document DOMAINS_D parameter in example config ( fixes #575 , closes #582 )
2018-10-20 13:05:20 +02:00
fba49ba28e
implemented initial support for tls-alpn-01 verification
2018-07-26 04:44:29 +02:00
2a8af8fda7
made ocsp refresh interval configurable
2018-05-07 03:31:43 +02:00
9165cfdebf
added dns-txt-foo to troubleshooting.md
2018-05-01 17:54:13 +02:00
89de83c994
add explanation on HEADERS parameter to request_failure hook ( fixes #545 )
2018-04-25 22:48:16 +02:00
53c458c318
fix parameter
2018-04-15 16:08:30 +02:00
8ba56a8048
renamed ocsp hook to deploy_ocsp, exported altnames, added example hook
2018-04-08 22:44:28 +02:00
13b8a3f29f
fix date in man page
2018-04-08 22:21:33 +02:00
7c40c727a0
Improve documentation on wildcards
...
Improve the documentation on how to use wildcard domains.
Also give more examples in the docs/examples/domains.txt file.
2018-03-17 13:27:15 +01:00
b93eac3893
fixed CA url in example config
2018-03-13 21:08:20 +01:00
0211d24577
require a valid alias to be set for certain wildcard certificates ( fixes #483 )
2018-03-02 18:53:00 +01:00
5940c55e18
prepared future migration to new acmev2 endpoint
2018-02-07 03:14:29 +01:00
2eedd69ee9
request_failure hook: added http response headers as new parameter
2018-02-06 23:33:28 +01:00
082ed17a0a
added acmev2 staging information to docs
2018-02-06 21:58:42 +01:00
dec5ad5840
read url to terms of service from ca directory
2018-02-06 21:58:42 +01:00
83bf2664b0
added a few simple example use cases to example hook script
2018-02-06 21:13:37 +01:00
63854b752b
New hook: generate_csr (see example hook script for more information, implements #475 , replaces #377 )
2018-02-06 20:57:33 +01:00
62d37c9b3d
Fix grammer error in the manpage ( fixes #466 )
...
"allows to" requires a subject (e.g. "allows one to"), without it's just
syntactically wrong. Change the verb entirely to workaround the
problem.
2018-02-06 19:14:12 +01:00
b53cb6643b
moved manpage to docs directory
2018-02-06 18:53:21 +01:00
fb41783885
automatic discovery of remote acme api version
2018-02-05 19:20:28 +01:00
6d02bfdb42
shrink "logo" a bit
2018-02-03 22:14:43 +01:00
afba7c694c
moved deploy_challenge to earlier loop so it works with multiple challenge tokens on the same identifier (important for wildcard certificate), fixed array-name, removed hook-chain warning
2018-01-28 19:48:25 +01:00
471899b4d8
Add ^~ to nginx location block
...
To make sure it is not overridden.
> http://nginx.org/en/docs/http/ngx_http_core_module.html#location :
> If the longest matching prefix location has the “^~” modifier then regular expressions are not checked.
2018-01-28 06:18:10 +01:00
0f69481e2b
rewrote challenge validation to iterate over authorizations instead of altnames (fixes some acmev2 validation edgecases), also removed broken test-script (for now)
2018-01-28 06:13:37 +01:00
68cb1e0661
ACME v02 Support
2018-01-13 20:17:25 +01:00
2adc57791c
Add optional user and group configuration ( fixes #434 )
2017-12-18 00:35:26 +01:00
c62f3d91fc
implement certificate aliases as suggested by typingArtist ( fixes #396 )
2017-12-17 23:50:46 +01:00
88267db7e2
Update wellknown.md
...
add Hiawatha to list
2017-12-14 00:33:11 +01:00
58647cab65
added OPENSSL variable to example config ( #414 )
2017-07-18 15:46:25 +02:00
ee75c5dca7
Initial support for fetching OCSP status to be used for OCSP stapling (as suggested in #385 )
2017-07-11 00:28:36 +02:00
60583d3ef9
added hook to run before cron command ( fixes #371 )
2017-07-10 21:36:10 +02:00
e6d6882c78
added option to automatically run cleanup routine (implements #389 )
2017-07-10 20:21:30 +02:00
875c1f74e5
Add some formatting to improve human scannability (while reading)
2017-07-10 19:53:39 +02:00
d1f215b652
fixed typos as suggested by @jwilk ( closes #369 )
2017-07-10 16:55:18 +02:00
bd57777c62
Ability to provide extra curl options
...
In some situations it might be necessary to pass extra commands to
the curl binary, e.g. proxy authentication credentials.
Adds the CURL_OPTS config option.
2017-07-10 16:44:39 +02:00
Marcus Rückert