lacme/config, branch debian/0.7-1

Use upstream certicate chain instead of an hardcoded one.

2020-11-25T23:16:06+00:00

This is a breaking change.  The certificate indicated by 'CAfile' is no
longer used as is in 'certificate-chain' (along with the leaf cert).
The chain returned by the ACME v2 endpoint is used instead.  This allows
for more flexbility with respect to key/CA rotation, cf.
https://letsencrypt.org/2020/11/06/own-two-feet.html and
https://community.letsencrypt.org/t/beginning-issuance-from-r3/139018

Moreover 'CAfile' now defaults to @@datadir@@/lacme/ca-certificates.crt
which is a concatenation of all known active CA certificates (which
includes the previous default).

Ignore [accountd] section from lacme.conf when the --socket option is defined.

2020-08-03T23:39:39+00:00

This allows remotely-controlled lacme processes being controlled without
modifying an config files.  See https://bugs.debian.org/955767 .

Makefile: Use variables for target directories etc.

2020-08-03T23:39:35+00:00

Change default libexec dir from /usr/lib/lacme to /usr/libexec/lacme.

2020-08-03T20:31:35+00:00

Install lacme manpage to section 8.

2020-08-03T20:31:20+00:00

As it's a system command, see hier(7) for details.

Use /run for the listening socket of the webserver component.

2019-08-21T22:34:04+00:00

Use ACME v2 endpoints

2018-04-26T23:43:03+00:00

https://tools.ietf.org/html/draft-ietf-acme-acme-12

Bind webserver to /var/run/lacme-www.socket by default.

2017-07-08T19:02:36+00:00

mv config/{apache2.conf,nginx.conf} snippets/

2017-07-08T18:59:11+00:00

wibble

2017-06-30T07:26:41+00:00