@ebekker ebekker released this Oct 26, 2017 · 15 commits to master since this release

Assets 2
  • Adding support for messages written by Challenge Handlers; this will be useful for Handlers to write messages meant for human consumption, like when a server is configured for handling the Challenge, what URL to expect the result to come from.

  • Changing default "output behavior" of Manual Challenge Handler:

    • By default, won't write output to STDOUT, but output will be captured as message attached to Authorization State
    • You can override this behavior and specify STDOUT to mimic the old behavior. All other settings are preserved by the Manual Challenge Handler.
    • When an output is specified, the message will be written to both the output target, and captured by the authorization state.
    • This applies to both handling the Challenge and also cleaning up after handling the Challenge.
  • Adding support for standard logging in base and extension packages

  • BREAKING CHANGE for DEVELOPERS: The interface for Challenge Handlers has been improved but breaks backward compatibility if you wrote your own handler.

  • Added new Provider for DNSMadeEasy, contributed by @MatthewSteeples in #254.

  • Corrected and made configurable the client's agent string, contributed by @Marcus-L in #300

  • Support for Cert Revocation added to client, thanks @Marcus-L in #301 (note, not yet exposed in PS library)

  • Fix a PFX export issue, thanks to @crou in #306

  • Finally, add support for TLS-SNI challenge type, many thanks to @WouterTinus and @Marcus-L in #308

@ebekker ebekker released this Mar 2, 2017 · 79 commits to master since this release

Assets 2


  • Updated and greatly expanded documentation
  • New PKI Certificate Provider based on Bouncy Castle
  • New CloudFlare Challenge Handler - thanks @janpieterz!
  • Installers! Finally, installers are back and better than ever. In this release we're starting out with support for the following installers:
    • Windows - Certificate Store
    • IIS
    • AWS - IAM, ELB
  • Added a parameter flag to the Manual Challenge Handlers to allow generating machine-digestible responses that can be easily integrated into a larger PowerShell script (#270)

PowerShell Module

  • Ability to choose PKI Cert Provider on relevant cmdlets
  • Ability to assign a default PKI Cert Provider to the in the Vault
  • Implemented a new "Extension Module" model that allows installing/enabling different providers as needed
    • CloudFlare will be the first new provider to use this mechanism under POSH
    • Existing providers for IIS and AWS have been migrated and pulled out of the core module
  • Deprecated use of chocolatey to install POSH module, moved to PowerShell Gallery for all supported POSH versions (3,4,5)


  • Many changes and enhancements in the build/test/publish infrastructure which should make it easier to release more frequently
  • Many changes and enhancements under the hood which should help to implement user-facing changes more easily and rapidly going forward
  • We now have a dedicated nuget repo for early access to PowerShell Modules available as soon as they are built; this gives everyone a chance to preview module changes before they are officially released to the PowerShell Gallery
  • Added option to disable local disk encryption (EFS) for the default Vault provider (this was breaking for some people who were running on Windows editions or file systems where EFS was not available)
  • Provider names are now case-insensitive
  • Added support for Provider aliases to better handling of renaming and transitioning in a backward-compatible way
Jan 4, 2017