Assets 3
  • When you move the last domain name from an MD to another one, that now empty MD gets moved
    to the store archive. The JSON file will still show the last domain, in case you want
    to ressurect after a (human) configuration error. Fixes PR 62572
    (see https://bz.apache.org/bugzilla/show_bug.cgi?id=62572).

@icing icing released this Jun 29, 2018 · 3 commits to master since this release

Assets 3
  • Using libressl new integration of openssl API functions when available.
  • making some timed wait in test_0700 more robust

@icing icing released this Jun 28, 2018 · 4 commits to master since this release

Assets 3
  • Preventing other modules from messing with challenge repsonses. Fix by @mkauf. Thanks!

@icing icing released this Jun 26, 2018 · 5 commits to master since this release

Assets 3
  • adding test cases for accessing a variety of paths for http-01 challenges to confirm
    proper http responses (see #92). Reworked handler to fix edge cases discovered.
  • adapted test cases for new ACME boulder versions that shifted ACMEv1 to another port
  • adapted test case domain from the now forbidden example.org to not-forbidden.org

@icing icing released this Jun 4, 2018 · 6 commits to master since this release

Assets 3
  • less confusing logging when MDNotifyCmd returns a failure exit code
  • MDNotifyCmd can be configured with arguments to which the managed domain
    names are appended on invocation
  • added more test cases for MDNotifyCmd use

@icing icing released this Mar 19, 2018 · 10 commits to master since this release

Assets 3
  • fixes error in renew window calculation that may lead to mod_md running
    watchdog in a tight loop until actual renewal becomes necessary.
  • /.well-known/acme-challenge requests that cannot be answered for hostnames
    outside the configured MDs are free to be answered by other handlers. This allows
    co-existance between mod_md and other ACME clients on the same server (implements PR62189).
    Suggested by Arkadiusz Miskiewicz arekm@maven.pl.

@icing icing released this Mar 15, 2018 · 11 commits to master since this release

Assets 3
  • Removed bould check from configure. Not everone building the module needs it installed.
    Fixes #76.
  • Tests with boulder now need a mater revision >= 2018-01-10 or you will see failures in the
    0800 tests.
  • Updated with log format fixes and copyright ASF insistence from apache httpd trunk

@icing icing released this Jan 5, 2018 · 15 commits to master since this release

Assets 3
  • new configuration directive "MDBaseServer on|off" to allow/inhibit management of the base
    server domains outside VirtualHosts. By default, this is "off", e.g. mod_md will not manage
    certificates or perform https: redirections on the base server. This follows the
    principle of least surprise.
  • Fixed gcc warnings.

@icing icing released this Jan 2, 2018 · 19 commits to master since this release

Assets 3
  • MDMustStaple was unable to create the necessary OpenSSL OBJ identifier on some platforms,
    possibly because this fails if the OID is already configured in openssl.cnf, see
    here.
  • Two memory leaks in cert issuer and alt-names lookup eliminated by Yann Ylavic.
  • Changing MDMustStaple triggers certificate renewal.

@icing icing released this Dec 27, 2017 · 24 commits to master since this release

Assets 3
  • Fixing a bug when code in assert() checks is not executed.