diff options
| author | Guilhem Moulin <guilhem@debian.org> | 2024-06-13 17:54:21 +0200 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@debian.org> | 2024-06-13 17:54:21 +0200 |
| commit | 31168af791066a43adf6a52d2f51da6185bab15e (patch) | |
| tree | 134768f15684231732ef2640e5a60a630c5886ea /Changelog | |
| parent | d531c00ae1c422b3f0948d297098722fb448edb5 (diff) | |
| parent | ce6a95d172dbefd0e310c46e0a0d9c56d19e34ca (diff) | |
Merge tag 'v0.8.3' into debian/latest
Release version 0.8.3
Diffstat (limited to 'Changelog')
| -rw-r--r-- | Changelog | 14 |
1 files changed, 14 insertions, 0 deletions
@@ -1,3 +1,17 @@ +lacme (0.8.3) upstream; + + + Fix post-issuance validation logic. We avoid pining the + intermediate certificates in the bundle and instead validate the + leaf certificate with intermediates supplied during issuance as + untrusted (used for chain building only). Only the root + certificates are used as trust anchor. Not pining intermediate + certificates is in line with Let's Encrypt's latest recommendations. + + Pass `-in /dev/stdin` option to openssl(1) to avoid warning with + OpenSSL 3.2 or later. + + Fix test suite. + + -- Guilhem Moulin <guilhem@fripost.org> Thu, 13 Jun 2024 17:39:34 +0200 + lacme (0.8.2) upstream; + client: Handle "ready" → "processing" → "valid" status change during |