mirror of
https://github.com/dehydrated-io/dehydrated.git
synced 2026-03-17 23:03:47 +01:00
84 lines
3.3 KiB
Plaintext
84 lines
3.3 KiB
Plaintext
# Change Log
|
|
This file contains a log of major changes in dehydrated
|
|
|
|
## [x.x.x] - xxxx-xx-xx
|
|
## Changed
|
|
- Challenge validation loop has been modified to loop over authorization identifiers instead of altnames (ACMEv2 + wildcard support)
|
|
|
|
## Added
|
|
- Support for ACME v02 (including wildcard certificates!)
|
|
|
|
## [0.5.0] - 2018-01-13
|
|
## Changed
|
|
- Certificate chain is now cached (CHAINCACHE)
|
|
- OpenSSL binary path is now configurable (OPENSSL)
|
|
- Cleanup now also moves revoked certificates
|
|
|
|
## Added
|
|
- New feature for updating contact information (--account)
|
|
- Allow automatic cleanup on exit (AUTO_CLEANUP)
|
|
- Initial support for fetching OCSP status to be used for OCSP stapling (OCSP_FETCH)
|
|
- Certificates can now have aliases to create multiple certificates with identical set of domains (see --alias and domains.txt documentation)
|
|
- Allow dehydrated to run as specified user (/group)
|
|
|
|
## [0.4.0] - 2017-02-05
|
|
## Changed
|
|
- dehydrated now asks you to read and accept the CAs terms of service before creating an account
|
|
- Skip challenges for already validated domains
|
|
- Removed need for some special commands (BusyBox compatibility)
|
|
- Exported a few more variables for use in hook-scripts
|
|
- fullchain.pem now actually contains the full chain instead of just the certificate with an intermediate cert
|
|
|
|
## Added
|
|
- Added private-key rollover functionality
|
|
- Added `--lock-suffix` option for allowing parallel execution
|
|
- Added `invalid_challenge` hook
|
|
- Added `request_failure` hook
|
|
- Added `exit_hook` hook
|
|
- Added standalone `register` command
|
|
|
|
## [0.3.1] - 2016-09-13
|
|
## Changed
|
|
- Renamed project to `dehydrated`.
|
|
- Default WELLKNOWN location is now `/var/www/dehydrated`
|
|
- Config location is renamed to `dehydrated` (e.g. `/etc/dehydrated`)
|
|
|
|
## [0.3.0] - 2016-09-07
|
|
## Changed
|
|
- Config is now named `config` instead of `config.sh`!
|
|
- Location of domains.txt is now configurable via DOMAINS_TXT config variable
|
|
- Location of certs directory is now configurable via CERTDIR config variable
|
|
- signcsr command now also outputs chain certificate if --full-chain/-fc is set
|
|
- Location of account-key(s) changed
|
|
- Default WELLKNOWN location is now `/var/www/letsencrypt`
|
|
- New version of Let's Encrypt Subscriber Agreement
|
|
|
|
## Added
|
|
- Added option to add CSR-flag indicating OCSP stapling to be mandatory
|
|
- Initial support for configuration on per-certificate base
|
|
- Support for per-CA account keys and custom config for output cert directory, license, etc.
|
|
- Added option to select IP version of name to address resolution
|
|
- Added option to run letsencrypt.sh without locks
|
|
|
|
## Fixed
|
|
- letsencrypt.sh no longer stores account keys from invalid registrations
|
|
|
|
## [0.2.0] - 2016-05-22
|
|
### Changed
|
|
- PRIVATE_KEY config parameter has been renamed to ACCOUNT_KEY to avoid confusion with certificate keys
|
|
- deploy_cert hook now also has the certificates timestamp as standalone parameter
|
|
- Temporary files are now identifiable (template: letsencrypt.sh-XXXXXX)
|
|
- Private keys are now regenerated by default
|
|
|
|
### Added
|
|
- Added documentation to repository
|
|
|
|
### Fixed
|
|
- Fixed bug with uppercase names in domains.txt (script now converts everything to lowercase)
|
|
- mktemp no longer uses the deprecated `-t` parameter.
|
|
- Compatibility with "pretty" json
|
|
|
|
## [0.1.0] - 2016-03-25
|
|
### Changed
|
|
- This is the first numbered version of letsencrypt.sh
|