This is the changelog for certgrinderd
. The latest version of this file can always be found on Github
All notable changes to certgrinderd
will be documented in this file.
This project adheres to Semantic Versioning.
- Update dependencies
- show acmeaccount command which runs certbot show_account and returns the output, including the ACME account URI for use in CAA records.
- Tox docs build: Switch from whitelist_external to allowlist_external
- Tox docs build: Switch from requirements files to using the docs extra from pyproject.toml
- Make certgrinderd get the version from setuptools_scm
- Switch default branch name from master to main
- Update dependencies
- Add missing development dependency build to dev extras in pyproject.toml
- Stop including unit tests in built packages. Tests are still included in the source .tar.gz distribution.
- Fixed broken show configuration subcommand and remove some unused code.
No changes since rc1.
- Introduce Python 3.11 support
- Update a bunch of development dependencies (linters, test tools, pre-commit config)
- Update dependency certbot==1.21.0 to certbot==2.6.0
- Update dependency requests==2.26.0 to requests==2.31.0
- Drop support for Python 3.7 (some dependencies no longer support it)
- Added pyupgrade to pre-commit-config.yaml and fixed a few small things
- Include Python 3.10 support
- Update setup.py to include license_file
- Update description in setup.py
- Update dependency PyYAML==5.4.1 to PyYAML==6.0
- Update dependency certbot==1.15.0 to certbot==1.21.0
- Update dependency requests==2.25.1 to requests==2.26.0
- Update a bunch of development dependencies
- Switch to Github Actions instead of Travis CI
- No changes since v0.17.0-rc3
- Replace underscores with spaces in the preferred-chain name
- Do not check number of intermediates when getting OCSP.
- Replace spaces with underscores in chain names to get around quoting woes in the SSH commands
- New config and command-line option
preferred-chain
can be used to ask the ACME server (LetsEncrypt) to sign with the specified chain. This is used by the certgrinder clientsalternate-chain
option to ask for primary or alternate chain for staging or prod. The value of the option is passed directly to Certbot as--preferred-chain
.
- Refactor a bunch of code to support the new two-intermediates chain from LetsEncrypt
- Upgrade dependencies
- Certgrinderd now keeps a pidfile while running to prevent running multiple times simultaneously.
- New
ping
command used by thecertgrinder
commandcheck connection
to check connection to thecertgrinderd
server without doing anything else. - Python3.9 support
- IDN domain handling now works again
- No changes
- No changes
- No changes
- Enabled
check-spelling
Github action and fixed a bunch of misspelled words all over.
- Removed unused
--rsa-key-size
arg from certbot command - Fix wrong requirements line for pre-commit (remove extra equal sign)
- Updated all dependencies in requirements.txt, and switch to pinning deps with == rather than >= so dependabot on github can do its thing
- No changes
- Change
intermediate
toissuer
in the code and tests.
- Fix a wrong error message in an assert in
test_parse_certificate_chain_path()
- Change log message to
INFO
when getting a new OCSP response
- No changes
- Introduce commands and subcommands (like "get certificate" or "get ocsp")
- Add OCSP response fetching and verifying functionality
- Add requests to requirements (for getting OCSP responses)
- Tests for the new functionality
- Refactor code to fit the commands/subcommand structure
- Log certbot stderr at level ERROR
- Change some default config from None to "" to keep it as str
- Manpage to MANIFEST.in to include it in the distribution
- Specify python3.7 and 3.8 as classifiers in setup.py
- No changes
- Information about $SSH_ORIGINAL_COMMAND to docs
- Show current log-level setting in first log message
- Dev requirements now has
sphinx-rtd-theme
which is the theme used on ReadTheDocs, somake html
indocs/
now produces the same-ish output. - Dev requirements now include
sphinx-argparse
used for generating automatic usage documentation. - Short command-line options for a bunch of things.
- Manpage certgrinderd.8
- Unittests for a few Certgrinderd() methods
- Move CHANGELOG.md to rst format and into
docs/
- Split certbot-command related stuff into new methods get_certbot_command() and run_certbot()
- Split creating the argparse object into a separate function to assist sphinx-argparse
- Test suite now covers 100% of certgrinderd.py
- Only try challenge types if we have the needed info (acme-zone for DNS-01, www-root for HTTP-01)
- No changes
- Changed logformat to prefix messages with certgrinderd: and Certgrinderd. instead of nothing and %(name)s, making it more clear which messages are from certgrinder and which are from certgrinderd.
- No changes
certgrinderd
now creates a temporary directory for temporary CSR and CRT files per run. The directory and contents is at the end of each run. If --temp-dir is configured the temporary directory is created inside the path specified.
- -f and -S short options for --config-file and --staging
- MANIFEST.in file to include sample config and hook scripts
- New --log-level option to set logging verbosity. Must be one of DEBUG, INFO, WARNING, ERROR, CRITICAL, corresponding to the levels in the Python logging framework.
- A lot of new documentation about
certgrinderd
- Command-line options for everything
- Configuration file and command-line options aligned so everything is configurable both places.
- Add missing PyYAML dependency in setup.py
- Fix so certgrinderd.conf certbot_commands with spaces in them work as expected
- Install
certgrinderd
binary using entry_points in setup.py
- Move CSR loading and testing to class methods in the Certgrinderd class
- Wrap remaining script initialisation in a main() function to support entry_points in setup.py better
- Create Python package
certgrinderd
for the Certgrinder server, publish on pypi - Add isort to pre-commit so imports are kept neat
- Tox and pytest and basic testsuite using Pebble as a mock ACME server
- Travis and codecov.io integration
- Move client files into client/ and server files into server/, each with their own CHANGELOG.md
- Rename server from csrgrinder to certgrinderd
- Rewrite server in Python