SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for dehydrated-0.6.1-2.1.noarch.rpm :

* Thu Mar 15 2018 daniel.molkentinAATTsuse.com- Don\'t add intermediate certificates twice when using ACMEv2 (bsc#1085305)
* Adds 0002-don-t-walk-certificate-chain-for-ACMEv2-certificate-.patch
* Wed Mar 14 2018 daniel.molkentinAATTsuse.com- Fix issues introduced by 0.6.1 (bsc#1085305)
* bring back man page
* reflect new endpoint in (commented out) config file section (adds 0001-fixed-CA-url-in-example-config.patch, backported from upstream\'s master branch)
* Tue Mar 13 2018 daniel.molkentinAATTsuse.com- Updated dehydrated to 0.6.1 (bsc#1084854)
* Use new ACME v2 endpoint by default
* Mon Mar 12 2018 daniel.molkentinAATTsuse.com- Updated dehydrated to 0.6.0 (bsc#1084854) Changed
* Challenge validation loop has been modified to loop over authorization identifiers instead of altnames (ACMEv2 + wildcard support)
* Removed LICENSE parameter from config (terms of service is now acquired directly from the CA directory) Added
* Support for ACME v02 (including wildcard certificates!)
* New hook: generate_csr (see example hook script for more information)
* Calling random hook on startup to make it clear to hook script authors that unknown hooks should just be ignored...
* Mon Jan 15 2018 daniel.molkentinAATTsuse.com- Remove redundant noarch entries. They cause an error in RPM 4.14.
* Mon Jan 15 2018 daniel.molkentinAATTsuse.com- Updated dehydrated to 0.5.0 This removes the following patches and files, which are now part of the upstream package:
* 0001-Add-optional-user-and-group-configuration.patch
* 0002-use-nullglob-disable-warning-on-empty-CONFIG_D-direc.patch
* dehydrated.1: the man page has been adopted by upstream Starting with this version, upstream introduced signed releases, which is now being used for source validation. Upstream changes: Changed
* Certificate chain is now cached (CHAINCACHE)
* OpenSSL binary path is now configurable (OPENSSL)
* Cleanup now also moves revoked certificates Added
* New feature for updating contact information (--account)
* Allow automatic cleanup on exit (AUTO_CLEANUP)
* Initial support for fetching OCSP status to be used for OCSP stapling (OCSP_FETCH)
* Certificates can now have aliases to create multiple certificates with identical set of domains (see --alias and domains.txt documentation)
* Allow dehydrated to run as specified user (/group). This was already available previously as a patch to this package.
* Fri Oct 20 2017 mrueckertAATTsuse.de- revert accidental change to the service file
* Fri Oct 20 2017 mrueckertAATTsuse.de- actually try to find the real path to bash and don\'t hardcode /usr/bin/bash
* Thu Oct 19 2017 daniel.molkentinAATTsuse.com- Use /usr/bin/bash directly, rather than via env
* Wed Oct 18 2017 daniel.molkentinAATTsuse.com- Use sudo instead of su to allow for argument handling, also works in all cases when no login shell is assigned to the dehydrated user
* updates 0001-Add-optional-user-and-group-configuration.patch
* Tue Oct 17 2017 daniel.molkentinAATTsuse.com- Commands in service files need some escaping after all. Fix ExecStartPost.
* Mon Oct 16 2017 daniel.molkentinAATTsuse.com- In the timer service, execute root post run hooks in ExecStartPost
* Mon Oct 16 2017 daniel.molkentinAATTsuse.com- Fix run of root hooks- Simplify root hook execution, this is also more robust
* Thu Oct 05 2017 daniel.molkentinAATTsuse.com- Remove unused hooks directory- Introduced a directory for custom post-run hooks executed as root, see README.SUSE for details. (not to be confused with the native hooks run as dehyrated user)
* Fri Sep 29 2017 daniel.molkentinAATTsuse.com- Clarify necessity of enabling dehydrated.timer in README.SUSE- Submit to SLE15 as per fate#323377- Add optional post run hook directory, executed by cron/systemd after dehydrated --cron has run- Remove hook directory intended for packaging other native hooks. Will be approach differently
* Wed Sep 27 2017 daniel.molkentinAATTsuse.com- No longer require nginx or lighttpd for SLE- Never go as far as to require acmeresponder, it might not be available- Drop -update from dehydrated-update.{timer,socket} for consistency- Add distro specific README.SUSE / README.Fedora- Ran spec-cleaner
* Fri Sep 22 2017 daniel.molkentinAATTsuse.com- Add man page- Ensure dehydrated is always run as designated user
* adds 0001-Add-optional-user-and-group-configuration.patch- Introduce config.d directory for user configuration- Avoid warning about empty config.d directory
* adds 0002-use-nullglob-disable-warning-on-empty-CONFIG_D-direc.patch- Fix sed warning about unescaped curly braces in regex
* Tue Sep 19 2017 daniel.molkentinAATTsuse.com- Swap statements in post: installing services requires tmp.d
* Tue Sep 19 2017 daniel.molkentinAATTsuse.com- (Weak) dependency on dehydrated-acmeresponder.
* Thu Sep 14 2017 daniel.molkentinAATTsuse.com- systemd update service: ConditionPathExists goes into [Unit] section
* Wed Sep 13 2017 daniel.molkentinAATTsuse.com- Use timer instead of cron for systemd-enabled distros Note: Timer must be explicitly enabled!
* Tue Feb 21 2017 daniel.molkentinAATTsuse.com- Drop the (undocumented) dependeny for mod_headers
* Sat Feb 18 2017 danielAATTmolkentin.de- Unify configuration file source names
* Sat Feb 18 2017 danielAATTmolkentin.de- Bump to 0.4.0
* Thu Feb 02 2017 daniel.molkentinAATTsuse.com- More dependency fixes
* Thu Feb 02 2017 daniel.molkentinAATTsuse.com- Make nginx and lighttpd packages into features Default-disable them on distros where we cannot provide a dependency.
* Thu Feb 02 2017 daniel.molkentinAATTsuse.com- Fix build on Fedora
* Thu Feb 02 2017 mrueckertAATTsuse.de- make permissions of the lighty and nginx config files tighter
* Thu Feb 02 2017 mrueckertAATTsuse.de- only own the configuration files and not the whole directory tree - add BR for nginx, lighttpd, apache2 to handle directory ownership
* Thu Jan 12 2017 mrueckertAATTsuse.de- with making the permissions more tight ... dehydrated can not write its lock file anymore to /etc/dehydrated. To fix this we now create /var/run/dehydrated (sysvinit) or /run/dehydrated (systemd) and point the lock file in the default config to that directory. Please adapt your local config files accordingly.
* Thu Jan 12 2017 mrueckertAATTsuse.de- change permissions of /etc/dehydrated to: root:dehydrated u=rwx,g=rx,o=- create the subdirs that dehydrated would create later anyway: /etc/dehydrated/accounts /etc/dehydrated/certs dehydrated::dehydrated u=rwx,go=- tighten up permissions on /etc/dehydrated/config /etc/dehydrated/domain.txt root:root u=rw,go=r -> root:dehydrated u=rw,g=r,o= /etc/dehydrated/hook.sh root:root u=rw,go=r -> root:dehydrated u=rwx,g=rx,o=
* Wed Nov 23 2016 danielAATTmolkentin.de- Add lighttpd configuration via dehydrated-lighttpd
* Mon Nov 14 2016 jengelhAATTinai.de- Test for user/group before adding them and don\'t suppress errors
* Thu Nov 10 2016 danielAATTmolkentin.de- Fix MIN HOUR order in crontab (boo#1009452)
* Tue Sep 13 2016 danimoAATTowncloud.com- Bump to v0.3.1- Rename to dehydrated
* Sun May 22 2016 danimoAATTowncloud.com- Bump to v0.2.0- This version fixes a json-parsing bug which made letsencrypt.sh incompatible with up-to-date ACME servers.- PRIVATE_KEY config parameter has been renamed to ACCOUNT_KEY to avoid confusion with certificate keys- deploy_cert hook now also has the certificates timestamp as standalone parameter- Temporary files are now identifiable (template: letsencrypt.sh-XXXXXX)- Private keys are now regenerated by default- Added documentation to repository- Fixed bug with uppercase names in domains.txt (script now converts everything to lowercase)- mktemp no longer uses the deprecated -t parameter.- Compatibility with \"pretty\" json
* Wed Apr 20 2016 danimoAATTowncloud.com- Explicitly add group and license, required for SLES 11
* Wed Apr 20 2016 danimoAATTowncloud.com- Add nginx integration package- Proper dir permissions for apache package (755, not 644)
* Mon Apr 18 2016 drahtAATTschaltsekun.de- fix build requirement for shadow (>=openSUSE-12.3) and pwdutils (before 12.3).- missing changelog for last change by danimo: do not require mod_ssl for suse distrbutions.
* Mon Mar 28 2016 danimoAATTowncloud.com- Add alias to /.well-known/acme-challenge by default
* Sat Mar 26 2016 danimoAATTowncloud.com- Add cron, do not remove letsencrypt user, adjust permissions
* Fri Mar 25 2016 danimoAATTowncloud.com- Initial commit
 
ICM