Skip to content

@mholt mholt released this Feb 15, 2019 · 50 commits to master since this release

This release adds features to specify trusted CA certificates in the proxy middleware, allows disabling log rotation, and fixes numerous bugs with the recent extraction of TLS logic into CertMagic, including self-signed certificates, IP-only certificates, and email address prompts related to creating an ACME CA account. Also added a new third-party plugin directive, extauth.

Most notably, this version supports the ACME TLS-ALPN challenge by default, which replaces the TLS-SNI challenge. Caddy now supports clustering plugins, allowing it to share TLS assets in a fleet configuration and/or behind load balancers using CertMagic's storage implementations. This is a feature that is enterprise-only in competing software distributions, but is free in Caddy!

This release in particular fixes a bug related to the storage paths of certificates. If you have any files in ~/.local/share/certmagic that were not there before, consider moving them to ~/.caddy (or whatever your $CADDYPATH is).

v0.11.3 is also built on Go 1.11.5 which includes security fixes.

It is recommended that all users upgrade to this version.

Full change list for v0.11.2-v0.11.4::

0.11.4 (February 15, 2019)

  • New -json-to-caddyfile and -caddyfile-to-json flags
  • Fix leaking logging goroutine on SIGUSR1
  • basicauth: Error is logged when authentication fails
  • proxy: Fix bug by re-adding pre-existing trailing slashes
  • tls: Fix bug related to certificate storage path

0.11.3 (February 5, 2019)

  • New {server_port} placeholder
  • New third-party plugin: extauth
  • New flags -log-roll-mb and -log-roll-compress
  • basicauth: Bypass for OPTIONS method
  • errors/log: Ability to disable log rolling
  • proxy: New subdirective 'ca_certificates'
  • staticfiles: Require GET method to serve static files
  • tls: Fixes to self-signed certs, IP certs, email prompts, & more
  • SOLVED REGRESSIONS: #2356, #2414
  • A number of other important fixes and improvements

0.11.2 (January 16, 2019)

  • Extracted automagic TLS code into CertMagic library
  • Add support for new clustering plugins
  • New placeholder: '{when_iso_local}'
  • New third-party plugins: s3browser, filebrowser
  • Removed third-party plugins: jekyll, hugo
  • bind: Support multiple interface values
  • import: Can now be used within directive blocks
  • proxy: Status 499 when clients close connection early
  • templates: No longer emit ETag and Last-Modified headers
  • tls: Support for the ACME TLS-ALPN-01 challenge
  • KNOWN/UNRESOLVED REGRESSIONS: #2356, #2414
  • Several bug fixes and minor improvements
Assets 11
You can’t perform that action at this time.