@WouterTinus WouterTinus released this Oct 25, 2018 · 8 commits to master since this release

Assets 3

Enhancements

Add option to set specific IP address on default binding (#217) - thanks @programcsharp

Bug fixes

In rare circumstances problematic binding changes were made to IIS (#915)
Fix regression #942 which was caused by the fix for #897

Pre-release

@WouterTinus WouterTinus released this Sep 22, 2018 · 14 commits to master since this release

Assets 3

Do not use this version

It seems a critical bug has slipped into this release that causes IIS binding updates to fail in some cases. Please download the previous release until this bug is fixed, unless you are sure it doesn't affect you.

New feature

  • SFTP plugin to transfer validation file, complimenting existing FTP(S)/WebDav plugins, thanks Jason Poff

Enhancements

  • The executable is now (self)signed, which may help with false positives from AV products on each release
  • Add example script ImportFTPServer.ps1, thanks @mmattes
  • NuGet package updates
  • Minor UI fixes thanks to @georg-jung

Bug fixes

  • Pretend that IIS is not installed when no sites are detected (#916)
  • Fix edge case where duplicate binding could be created in IIS on initial setup (#897)

@WouterTinus WouterTinus released this Jun 1, 2018 · 38 commits to master since this release

Assets 3

Bug fixes

Fix support for (authenticated) proxies (#862, thanks @josegerez)
Fix for non-English versions of Windows (#864, thanks @i3laze)

@WouterTinus WouterTinus released this May 19, 2018 · 40 commits to master since this release

Assets 3

Bug fixes

  • Fix bug introduced in 1.9.11.0 that made it impossible to combine a manual target with the IIS installer in interactive mode (#860, #853)
  • Additional instances of PathTooLongException fixed (#854)

@WouterTinus WouterTinus released this May 12, 2018 · 43 commits to master since this release

Assets 3

New feature

  • Add command line parameter and advanced mode option to choose the Common Name for a certificate, thanks @georg-jung

Enhancements

  • Add new command line parameter and backing field for the FTP installer, so that a single renewal can be used to install certificates to both FTP and Web, thanks @ptsoccer
  • Add example script for SSTP, thanks @filthyfreak
  • Update NuGet packages
    • Microsoft.Web.Administration from 11.0 to 11.1
    • WebDAVClient from 1.1.2 to 1.1.3
    • TaskScheduler from 2.6.5 to 2.8.1
    • Serilog from 2.5.0 to 2.6.0
    • Newtonsoft.Json from 10.0.3 to 11.0.2
    • Nager.PublicSuffix from 1.1.0 to 1.2.0
    • Autofac from 4.6.2 to 4.8.1
    • BouncyCastle from 1.8.1 to 1.8.2
    • CommandLineParser from 2.1.1-beta to 2.2.1
    • Various Microsoft .NET libraries
  • Removed superfluous packages to reduce package size, thanks @georg-jung
  • Add specific error about wildcard support not being available yet (#464)
  • Improved phrasing for certificates that are not due for renewal yet ("not scheduled" can make people worry that something is wrong/missing).

Bug fixes

  • Prevent misconfigured IIS sites from bringing down the program (#785)
  • Prevent running into PathTooLongException on long lists of sites (#854)
Pre-release
Pre-release

@WouterTinus WouterTinus released this May 2, 2018 · 29 commits to 3430bae67f3adc7c87ceb1002b3e4df8d0e0f3b4 since this release

Assets 3

This is an automatic build of the master branch, provided as convenience for those willing to try bleeding edge changes. Not recommended for production.

@WouterTinus WouterTinus released this Mar 28, 2018 · 98 commits to master since this release

Assets 3

This is a small maintenance release.

Enhancements

  • Support for authenticated proxies, thanks @gregorygsmith
  • Updated example scripts, thanks @LBegnaud
  • Add verbose logging to FileSystem validation

Bug fixes

  • Fixed crash on listing validation errors
  • More error handling around plugin loading
  • Fix TLS-SNI-01 validation failing on sites with nameless bindings

@WouterTinus WouterTinus released this Mar 12, 2018 · 110 commits to master since this release

Assets 3

New feature

  • IIS FTP plugin, can be used to set the certificate for IIS FTP sites

Enhancements

  • Show custom certificate store (if any) in the certificate details
  • Sort menu options for target/validation/installation plugins alphabetically
  • Consistent ordering of renewals across different menu options, thanks @Dragonsangel
  • Don't show warnings about hidden sites
  • Make ClientName a configurable option with a default value of win-acme for new installs. This affects the default ConfigurationPath and name of the scheduled task
  • Don't create a subfolder with the ClientName when a custom ConfigurationPath is provided (but keep using it when it's already there)
  • Change default date formatting to 24 hour format, thanks @georg-jung
  • Set negative process exit code when something bad happens during (one of the) unattended renewals (#780)

Bug fixes

  • Restore the application manifest to let Windows know we want to run as administrator, preventing all kinds of security related errors if you forget to do so yourself (#769)
  • Use configured proxy server when retrieving certificates for the full chain (#782)
  • Better (non-fatal) handling of errors when a renewal target cannot be refreshed
  • Don't try to find SiteId 0 when no ValidationSiteId has been specified (#776)

@WouterTinus WouterTinus released this Feb 22, 2018 · 142 commits to master since this release

Assets 3

New name

This is the first release of this program under a new name. Going forward we will call it "Windows ACME Simple", which can be shortened to "win-acme" or "WACS". The reason is that we want to avoid any confusion people might have about this programs relationship with the ISRG sponsored Let's Encrypt project.

To be clear, we are not an ISRG supported client, just an independent group of people who want to help people managing Microsoft Windows machines to secure the web.

Let's Encrypt literally wrote the book on the ACME protocol and is obviously the most popular service implementing it, but in fact everyone is free to run their own ACME server and we might see a lot more of them in the future. Therefore it also makes sense to drop "letsencrypt" from the name of this program.

New home

This program was originally created by @Lone-Coder (Bryan Livingston) who deserves a lot of credit for getting it out there. In the world of IT it's never a good idea to depend too much on a single person though, so the fact that a tool that people rely on in production was just available from someones personal GitHub account never felt comfortable.

We're now happy to have found a new home under the umbrella of the PKISharp organisation, which is group of people collaborating on .NET-based tools around ACME. This will ensure more continuity and make it easier to collaborate on new developments such as ACMEv2.

New features

  • Installation plugins can no be loaded from external assemblies (#733)
  • Add parameter to allow self-hosting validation to listen to another port (#742)

Enhancements

  • Hide unavailable target plugins in interactive mode (#758)
  • Hide unavailable validation methods in interactive mode (#760)
  • For new installs, renewals are stored in the ConfigurationPath instead of the registry (#756)
  • Much-improved example script for Microsoft Exchange deployments (#702) - thanks @LBegnaud
  • Store application settings in a separate file which is not in the .zip, making upgrades easier (#720)

Bug fixes

  • Better error handling for private key conversion errors (#741)
  • Don't reuse cached certificate after it's been revoked (#734)
  • Build script works with larger selection of Visual Studio versions (#759) - thanks @Dzoge