ssl

Let's Encrypt™ Change Log


Last modified: November 10, 2020

1.00.18


2020-10-07
  • Teach renew_ssl() to recognize single_domains.

1.00.17


2020-09-24
  • Use handle_new_certificate() if it exists, and thus add Dynamic DNS support.

1.00.16


2020-08-19
  • Use provider’s generate_key() method, if it exists, rather than creating an RSA key internally.

1.00.15


2020-07-14
  • Omit subject from CSRs. This avoids the 64-byte limit on commonName and simplifies the logic besides. As of now LE still cannot issue certificates without at least one domain that can be in a commonName field, but we don’t need to try to dictate that.

1.00.14


2020-03-19
  • Check for authz success after initial switch to DNS DCV to accommodate authz/DCV success that happens in the window between timeout and the new certificate order.

1.00.13


2020-03-17
  • Forgo sorting of domains via SORT_VHOST_FQDNS(). LE applies its own sort order anyway, and that sorting breaks in v88 because the list of domains can now include wildcard domains, which are neither literal vhost members nor service subdomains and thus sometimes impossible to associate with a specific vhost.

1.00.12


2019-10-22
  • Defer loading of Net::ACME2 until runtime to reduce memory usage in contexts where we aren’t actually talking to Let’s Encrypt.

1.00.11


2019-10-08
  • Log only to file (not warn()) on failure to retrieve Terms of Service.
  • Use /var/cpanel for the registration key rather than /root/.cpanel. This makes it so that normal configuration backups will include this registration information.

1.00.10


2019-09-17
  • Ensure that all Net::ACME2::X::Generic instances propagate as Cpanel::Exception objects. This will prevent stack traces in the logs in production.

1.00.9


2019-08-20
  • Add “Conflicts” to explicitly state the relationship w/ the v1 plugin.

1.00.8


2019-08-19
  • Removes “Obsoletes” to avoid breaking existing LE plugin installations.

1.00.7


2019-08-08
  • Always do DNS DCV for wildcard domains (HTTP is not supported)

1.00.6


2019-08-07
  • Collapse redundant domains w/ wildcards

1.00.5


2019-08-06
  • Fix wildcard support.

1.00.4


2019-08-06
  • Restore errantly-removed wildcard support from previous commit.

1.00.3


2019-08-05
  • Enforce MAX_DOMAINS_PER_CERTIFICATE intelligently

1.00.2


2019-07-25
  • Wildcard support

1.00.1


2019-07-17
  • Initial setup

Additional Documentation