aboutsummaryrefslogtreecommitdiffstats
path: root/debian/patches/series
Commit message (Collapse)AuthorAgeFiles
* Use upstream certificate chain instead of an hardcoded one.debian/0.5-1+deb10u2debian/busterGuilhem Moulin2020-11-261
| | | | | | | | | | | | | This is a breaking change. The certificate indicated by 'CAfile' is no longer used as is in 'certificate-chain' (along with the leaf cert). The chain returned by the ACME v2 endpoint is used instead. This allows for more flexbility with respect to key/CA rotation, cf. https://letsencrypt.org/2020/11/06/own-two-feet.html and https://community.letsencrypt.org/t/beginning-issuance-from-r3/139018 Moreover 'CAfile' now defaults to @@datadir@@/lacme/ca-certificates.crt which is a concatenation of all known active CA certificates (which includes the previous default).
* Issue GET and POST-as-GET requests (RFC 8555 sec. 6.3)debian/0.5-1+deb10u1Guilhem Moulin2019-08-261
| | | | | | | | | | For the authorizations, order and certificate URLs. See RFC 8555 sec. 7.1. Let's Encrypt will remove support of unauthenticated GETs from the V2 API on 01 Nov 2019: https://community.letsencrypt.org/t/acme-v2-scheduled-deprecation-of-unauthenticated-resource-gets/74380
* Mention the Debian BTS in the manpages.Guilhem Moulin2016-06-141