Changelog for
dehydrated-0.7.0+1.g3a77955-1.29.noarch.rpm :
* Thu Dec 10 2020 daniel.molkentinAATTsuse.com- Update to version 0.7.0+1.g3a77955:
* bump changelog for new draft releases
* preparing for release 0.7.0
* use normal error behaviour for failing http requests (fixes #782)
* allow to set domains.txt as cli argument (fixes #678)
* use secp384r1 as default (instead of rsa, fixes #651)
* use secp384r1 as default (instead of rsa, fixes #651)
* adding new CLI Command (--cleanupdelete / -gcd) to cleanup+delete (instead of just moving to /archive) (closes #587)
* allow setting OCSP_FETCH and OCSP_DAYS per certificate config (closes #602, thx AATTbjacke)
* cleanup: also remove dangling symlinks
* cleanup: also do cleanup if symlink is broken (closes #667)
* make alpn-validation certificates and keys group readable (closes #754, fixes #753)
* Fix OCSP_FETCH with libressl
* Thu Dec 10 2020 daniel.molkentinAATTsuse.com- Update to version 0.6.5+52.g481aba7:
* remove quotes from per-cert-config vars to allow for spaces (fixes #789, closes #791)
* changed method for parsing issuer cn, fixing compatibility with some openssl versions
* show available options if preferred chain is not found
* fix spaces in sudo arguments
* Mon Nov 16 2020 daniel.molkentinAATTsuse.com- Update to version 0.6.5+48.gc670c18:
* added display-terms to changelog+readme
* add --display-terms to display the URL for the current ToS
* added support for requesting preferred-chain instead of default chain
* Wed Sep 30 2020 daniel.molkentinAATTsuse.com- Update to version 0.6.5+45.g7d3288f:
* one more \\s -> [[:space:]] replacement
* Replace \\s with [[:space:]] for compatibility
* Complain about deactivated accounts
* implement account deactivation through --deactivate parameter
* Don\'t require sudo before we know we really need it
* Do not fail silently with invalid sudo user/group
* add more CAs, now that support for CA presets is implemented
* fix OS name detection
* Thu Sep 17 2020 daniel.molkentinAATTsuse.com- Update to version 0.6.5+37.gb3abc41:
* tmpfix: log error if acmev1 validation is denied + fix unbound variable
* eab: use hex key instead of binary (fixes issue with nullbytes)
* do not fail on challenge in \"processing\" state (fixes #759)
* fixed bad typo..
* readme+changelog
* EAB + ZeroSSL support
* read boolean values from json
* removed accidental shebang
* use presets for some CAs instead of requiring full urls
* Mon Sep 14 2020 daniel.molkentinAATTsuse.com- Update to version v0.6.5+suse.28.g42a0fc9:
* fix tls-alpn-01 configuration example
* fixed some typos (fixes #725, fixes #741, fixes #740)
* removed tmp file in \'generate_alpn_certificate\' function
* fixed zsh compatibility
* merged temporary json.sh into dehydrated, fixed authorization \"pending\" loop
* experimental json.sh support
* Use existing curl version var
* removed instructions for importing from \"official\" client (certbot) as it probably doesn\'t work anymore and there isn\'t really much use for it anyway
* fix link to wiki in documentation (fixes #690)
* reworked dependency check and moved it up a bit in code (fixes #715, resolves #717 again...)
* Mon Sep 14 2020 Daniel Molkentin
- Reenable nginx subpackage for factory
* Mon Jun 29 2020 Daniel Molkentin - Update maintainer file and package description, remove features that are better described in the (upstream maintained) man page.
* Mon Jun 29 2020 Daniel Molkentin - Remove potentially harmful scriptlet (bsc#1154167). Documented transition case in the maintainer README. Unlikely enough. The versions that have not transitioned yet would be broken for more than two years now.
* Wed May 06 2020 Daniel Molkentin - Removed lighttpd 1.x integration package. If you still would like to use lighttpd with dehydrated, follow the instructions in the README.maintainers file.
* Mon Apr 20 2020 Daniel Molkentin - Fix lighttpd config file (boo#1169834)- Provide nginx subpackage for SLE 15+ (jsc#SLE-11727)
* Mon Feb 03 2020 Dominique Leuenberger - Drop systemd BuildRequires: pkgconfig(systemd) is already in place and is synonymous.
* Thu Oct 17 2019 Richard Brown - Remove obsolete Groups tag (fate#326485)
* Sat Aug 10 2019 Daniel Molkentin - Behavioral change: Use cron only for older RHEL/CentOS versions (along with SLE < 12.0). Everything else now uses systemd. Please adopt accordingly! Refer to README.md for
* Wed Jun 26 2019 Daniel Molkentin - Update to dehydrated 0.6.5
* Fixed broken APIv1 compatibility from last update
* Tue Jun 25 2019 Daniel Molkentin - Update to dehydrated 0.6.4
* Fetch account ID from Location header instead of account json (bsc#1139408)- Update to dehydrated 0.6.3
* OCSP refresh interval is now configurable
* Implemented POST-as-GET
* Call exit_hook on errors (with error-message as first parameter)
* Initial support for tls-alpn-01 validation
* New hook: sync_cert (for syncing certificate files to disk, see example hook description)
* Fetch account information after registration to avoid missing account id
* Tue Jan 22 2019 Daniel Molkentin - Remove RandomizedDelaySec attribute for distros with older systemd (boo#1110697)
* Fri Apr 27 2018 daniel.molkentinAATTsuse.com- Update to dehydrated 0.6.2
* removes 0001-fixed-CA-url-in-example-config.patch
* removes 0002-don-t-walk-certificate-chain-for-ACMEv2-certificate-.patch Added
* New deploy_ocsp hook
* Allow account registration with custom key Changed
* Don\'t walk certificate chain for ACMEv2 (certificate contains chain by default)
* Improved documentation on wildcards Fixes
* Added workaround for compatibility with filesystem ACLs
* Close unwanted external file-descriptors
* Fixed JSON parsing on force-renewal (bsc#1091216)
* Fixed cleanup of challenge files/dns-entries on validation errors
* A few more minor fixes
* Thu Mar 15 2018 daniel.molkentinAATTsuse.com- Don\'t add intermediate certificates twice when using ACMEv2 (bsc#1085305)
* Adds 0002-don-t-walk-certificate-chain-for-ACMEv2-certificate-.patch
* Wed Mar 14 2018 daniel.molkentinAATTsuse.com- Fix issues introduced by 0.6.1 (bsc#1085305)
* bring back man page
* reflect new endpoint in (commented out) config file section (adds 0001-fixed-CA-url-in-example-config.patch, backported from upstream\'s master branch)
* Tue Mar 13 2018 daniel.molkentinAATTsuse.com- Updated dehydrated to 0.6.1 (bsc#1084854)
* Use new ACME v2 endpoint by default
* Mon Mar 12 2018 daniel.molkentinAATTsuse.com- Updated dehydrated to 0.6.0 (bsc#1084854) Changed
* Challenge validation loop has been modified to loop over authorization identifiers instead of altnames (ACMEv2 + wildcard support)
* Removed LICENSE parameter from config (terms of service is now acquired directly from the CA directory) Added
* Support for ACME v02 (including wildcard certificates!)
* New hook: generate_csr (see example hook script for more information)
* Calling random hook on startup to make it clear to hook script authors that unknown hooks should just be ignored...
* Mon Jan 15 2018 daniel.molkentinAATTsuse.com- Remove redundant noarch entries. They cause an error in RPM 4.14.
* Mon Jan 15 2018 daniel.molkentinAATTsuse.com- Updated dehydrated to 0.5.0 This removes the following patches and files, which are now part of the upstream package:
* 0001-Add-optional-user-and-group-configuration.patch
* 0002-use-nullglob-disable-warning-on-empty-CONFIG_D-direc.patch
* dehydrated.1: the man page has been adopted by upstream Starting with this version, upstream introduced signed releases, which is now being used for source validation. Upstream changes: Changed
* Certificate chain is now cached (CHAINCACHE)
* OpenSSL binary path is now configurable (OPENSSL)
* Cleanup now also moves revoked certificates Added
* New feature for updating contact information (--account)
* Allow automatic cleanup on exit (AUTO_CLEANUP)
* Initial support for fetching OCSP status to be used for OCSP stapling (OCSP_FETCH)
* Certificates can now have aliases to create multiple certificates with identical set of domains (see --alias and domains.txt documentation)
* Allow dehydrated to run as specified user (/group). This was already available previously as a patch to this package.
