Commit message (Collapse) | Author | Age | Files | |
---|---|---|---|---|
* | Use upstream certificate chain instead of an hardcoded one.debian/0.5-1+deb10u2debian/buster | Guilhem Moulin | 2020-11-26 | 1 |
| | | | | | | | | | | | | | This is a breaking change. The certificate indicated by 'CAfile' is no longer used as is in 'certificate-chain' (along with the leaf cert). The chain returned by the ACME v2 endpoint is used instead. This allows for more flexbility with respect to key/CA rotation, cf. https://letsencrypt.org/2020/11/06/own-two-feet.html and https://community.letsencrypt.org/t/beginning-issuance-from-r3/139018 Moreover 'CAfile' now defaults to @@datadir@@/lacme/ca-certificates.crt which is a concatenation of all known active CA certificates (which includes the previous default). | |||
* | Issue GET and POST-as-GET requests (RFC 8555 sec. 6.3)debian/0.5-1+deb10u1 | Guilhem Moulin | 2019-08-26 | 1 |
| | | | | | | | | | | For the authorizations, order and certificate URLs. See RFC 8555 sec. 7.1. Let's Encrypt will remove support of unauthenticated GETs from the V2 API on 01 Nov 2019: https://community.letsencrypt.org/t/acme-v2-scheduled-deprecation-of-unauthenticated-resource-gets/74380 | |||
* | Mention the Debian BTS in the manpages. | Guilhem Moulin | 2016-06-14 | 1 |