Skip to content

@lukas2511 lukas2511 released this Jun 26, 2019 · 3 commits to master since this release

[0.6.5] - 2019-06-26

Fixed

  • Fixed broken APIv1 compatibility from last update
Assets 4

@lukas2511 lukas2511 released this Jun 25, 2019 · 4 commits to master since this release

[0.6.4] - 2019-06-25

Changed

  • Fetch account ID from Location header instead of account json
Assets 4

@lukas2511 lukas2511 released this Jun 25, 2019 · 5 commits to master since this release

[0.6.3] - 2019-06-25

Changed

  • OCSP refresh interval is now configurable
  • Implemented POST-as-GET
  • Call exit_hook on errors (with error-message as first parameter)

Added

  • Initial support for tls-alpn-01 validation
  • New hook: sync_cert (for syncing certificate files to disk, see example hook description)

Fixes

  • Fetch account information after registration to avoid missing account id
Assets 4

@lukas2511 lukas2511 released this Apr 27, 2018 · 24 commits to master since this release

[0.6.2] - 2018-04-25

Added

  • New deploy_ocsp hook
  • Allow account registration with custom key

Changed

  • Don't walk certificate chain for ACMEv2 (certificate contains chain by default)
  • Improved documentation on wildcards

Fixes

  • Added workaround for compatibility with filesystem ACLs
  • Close unwanted external file-descriptors
  • Fixed JSON parsing on force-renewal
  • Fixed cleanup of challenge files/dns-entries on validation errors
  • A few more minor fixes
Assets 4

@lukas2511 lukas2511 released this Mar 13, 2018 · 46 commits to master since this release

[0.6.1] - 2018-03-13

Changed

  • Use new ACME v2 endpoint by default
Assets 4

@lukas2511 lukas2511 released this Mar 11, 2018 · 49 commits to master since this release

[0.6.0] - 2018-03-11

Changed

  • Challenge validation loop has been modified to loop over authorization identifiers instead of altnames (ACMEv2 + wildcard support)
  • Removed LICENSE parameter from config (terms of service is now acquired directly from the CA directory)

Added

  • Support for ACME v02 (including wildcard certificates!)
  • New hook: generate_csr (see example hook script for more information)
  • Calling random hook on startup to make it clear to hook script authors that unknown hooks should just be ignored...
Assets 4

@lukas2511 lukas2511 released this Jan 13, 2018 · 95 commits to master since this release

[0.5.0] - 2018-01-13

Changed

  • Certificate chain is now cached (CHAINCACHE)
  • OpenSSL binary path is now configurable (OPENSSL)
  • Cleanup now also moves revoked certificates

Added

  • New feature for updating contact information (--account)
  • Allow automatic cleanup on exit (AUTO_CLEANUP)
  • Initial support for fetching OCSP status to be used for OCSP stapling (OCSP_FETCH)
  • Certificates can now have aliases to create multiple certificates with identical set of domains (see --alias and domains.txt documentation)
  • Allow dehydrated to run as specified user (/group)
Assets 3

@lukas2511 lukas2511 released this Feb 5, 2017 · 153 commits to master since this release

[0.4.0] - 2017-02-05

Changed

  • dehydrated now asks you to read and accept the CAs terms of service before creating an account
  • Skip challenges for already validated domains
  • Removed need for some special commands (BusyBox compatibility)
  • Exported a few more variables for use in hook-scripts
  • fullchain.pem now actually contains the full chain instead of just the certificate with an intermediate cert

Added

  • Added private-key rollover functionality
  • Added --lock-suffix option for allowing parallel execution
  • Added invalid_challenge hook
  • Added request_failure hook
  • Added exit_hook hook
  • Added standalone register command
Assets 3

@lukas2511 lukas2511 released this Sep 13, 2016 · 198 commits to master since this release

With this release letsencrypt.sh was renamed to dehydrated.

Reason for this was a violation of the Let's Encrypt Trademark Policy, there was no possibility to keep the old name.

This will unfortunately break a few setups, so make sure you rename your configs and WELLKNOWN directory according to the new defaults.

See CHANGELOG below for details:

[0.3.1] - 2016-09-13

Changed

  • Renamed project to dehydrated.
  • Default WELLKNOWN location is now /var/www/dehydrated
  • Config location is renamed to dehydrated (e.g. /etc/dehydrated)
Assets 3

@lukas2511 lukas2511 released this Sep 13, 2016 · 202 commits to master since this release

This release adds a few new options and has a few changed default parameters, see CHANGELOG below:

[0.3.0] - 2016-09-07

Changed

  • Config is now named config instead of config.sh!
  • Location of domains.txt is now configurable via DOMAINS_TXT config variable
  • Location of certs directory is now configurable via CERTDIR config variable
  • signcsr command now also outputs chain certificate if --full-chain/-fc is set
  • Location of account-key(s) changed
  • Default WELLKNOWN location is now /var/www/letsencrypt
  • New version of Let's Encrypt Subscriber Agreement

Added

  • Added option to add CSR-flag indicating OCSP stapling to be mandatory
  • Initial support for configuration on per-certificate base
  • Support for per-CA account keys and custom config for output cert directory, license, etc.
  • Added option to select IP version of name to address resolution
  • Added option to run letsencrypt.sh without locks

Fixed

  • letsencrypt.sh no longer stores account keys from invalid registrations
Assets 2
You can’t perform that action at this time.