Tags: orangepizza/pebble
Tags
v2.1.0 features: * support for draft-ietf-acme-ip-06 (thanks @orangepizza for impl, @felixfontein for bug fixes!) * issuer/intermediate key/cert are accessible over HTTP (thanks @adferrand!) * support for specifying EE cert OCSP Responder URL (thanks @adferrand!) * support for creating and offering alternative cert. chains (thanks @felixfontein!) * -strict support for rejecting legacy JWS requests misc: * CI release asset publication pipeline (thanks @adferrand!) bug-fixes: * wfe: unlocking order in updateChallenge after read (thanks @dopey!)
Release v2.0.1 - Always send Link: rel="index" - Implement orderNotReady and badPublicKey errors - Add linting, test coverage, code of conduct and make lint fixes - Use pre-built release versions of pebble and pebble-challtestsrv in docker-compose.yml - Add AppVeyor support to auto-publish Windows Docker images
WFE: Check ownership on certificate before returning it (letsencrypt#207 ) Fixes letsencrypt#205
Pebble 2.0.0 release. This release enables all of the behaviour previously gated behind `-strict` as defaults. If you were not running Pebble 1.0.x with `-strict` already you may find this is a breaking release that requires client bugfixes. If you were previously running Pebble 1.0.x with `-strict` you should find 2.0.0 is a drop-in upgrade.
CI: Use bash not sh for .travis/deploy.sh (letsencrypt#198) We use bashisms in the `deploy.sh` script and need to invoke with with `bash` not `sh`, despite the shebang at the top of the deploy script.
pebble-challtestsrv: add request history API. (letsencrypt#185) In testing contexts its useful to be able to ask the `pebble-challtestsrv` about what DNS, HTTP(s), and TLS-ALPN-01 requests it has received.
WFE: Only send Replay-Nonce for POSTs/newNonce endpoint. (letsencrypt… …#184) Modern ACME only sends a Replay-Nonce in responses to GET/HEAD requests to the dedicated newNonce endpoint, or in replies to POST requests that consumed a nonce.