Skip to content

Releases: sorah/acmesmith

v2.6.1

04 Dec 22:24
v2.6.1
6f5179b
Compare
Choose a tag to compare

v2.6.1 (2024-12-05)

Fixes

  • route53: restore_to_original_records can have an error when querying existing record sets when it generates a name with leading empty labels (OTOH: double leading dots). #65

v2.6.0

04 Oct 18:30
6a9287d
Compare
Choose a tag to compare

Enhancement

  • order: Gains --key-type, --rsa-key-size, --elliptic-curve options to customize private key generation, and generating EC keys. #58
  • autorenew: Respect the existing key configuration when regenerating a fresh key pair for renewal. #58

v2.5.0

08 Oct 16:24
v2.5.0
8e99026
Compare
Choose a tag to compare

Enhancement

  • Gains chain_preferences configuration to choose alternate chain. #47
  • route53: Gains substitution_map to allow delegation of _acme-challenge via predefined CNAME record. #53
  • s3: Gains endpoint option. #52

v2.4.0

02 Dec 18:41
9e049c4
Compare
Choose a tag to compare

Enhancement

  • route53: Gains restore_to_original_records option. When enabled, existing record will be restored after authorizing domain names. Useful when other ACME tools or providers using ACME where requires a certain record to remain as long as possible for their renewal process (e.g. Fastly TLS).

v2.3.0

12 May 05:12
c50a154
Compare
Choose a tag to compare

https://github.com/sorah/acmesmith/blob/v2.3.0/CHANGELOG.md

Enhancement

  • route53: Added support of assuming IAM Role to access Route 53. (requested at #36 #37 #38)

  • Added filter for challenge responders. This allows selecting a challenge responder for specific domain names. (indirectly requested at #36 #37 #38)

    challenge_responders:
      # Use specific IAM role for the domain "example.dev" ...
      - route53:
          assume_role:
            role_arn: 'arn:aws:iam:...'
        filter:
          subject_name_exact:
            - example.dev
    
      - manual_dns: {}
        filter:
          subject_name_suffix:
            - example.net
    
      # Default
      - route53: {}
  • config: now accepts connection_options and bad_nonce_retry for Acme::Client.

Fixes

  • Exported PKCS#12 were not included a certificate chain #35
  • s3: use_kms option was not respected for certificate keys & PKCS#12. It was always true.
  • A large refactoring of internal components.

v2.0.3

19 May 02:04
7af6b1c
Compare
Choose a tag to compare
Version 2.0.3

v2.0.2

19 May 02:04
5845dba
Compare
Choose a tag to compare
Version 2.0.2

v2.0.1

19 May 02:04
54cd51d
Compare
Choose a tag to compare
Version 2.0.1

2.0.0: ACME v2

17 May 22:20
44e4729
Compare
Choose a tag to compare

v0.11.0

02 Aug 08:47
c15fb0a
Compare
Choose a tag to compare

New feature

  • acmesmith save command to save (or update!) certificate and key files in a single command.
  • acmesmith save-certificate now accepts --type

Bug fixes

  • fix config['passphrase_from_env'] could be ignored