Changes¶
0.9.0 (20/01/2020)¶
- First public release
- ACMEv1 support removed (v1 is deprecated since quite some time and will be disabled for new domains in June 2020)
0.8.0 (09/01/2020)¶
- [Feature] support for ACMEv2 HTTP01 challenge
- [Feature] ability to read credentials from environment variables
- [Improvement] migrate from simple string path to pathlib for easier path manipulation
- [Improvement] use byte as default encoding rather than str to avoid useless conversions
- [Improvement] use relative imports
- [Improvement] add missing doc
0.7.5 (16/12/2019)¶
- [Bug] ACME http01 - CA account key was deleted too early in the process while was still needed for renewal
0.7.4 (12/12/2019)¶
- [Improvement]: move acme section from blueprint directly in CA configuration
- [Improvement]: remove dedicated acme_storage and only use 1 generic storage class for CA manager
0.7.3 (11/12/2019)¶
- [Improvement]: avoid leaking credentials in git storage logs
0.7.2 (06/12/2019)¶
- [Bug]: fix invalid attribute in acme_v1_http01 renewal
0.7.1 (05/12/2019)¶
- [Bug]: fix module import on initialization
0.7.0 (05/12/2019)¶
- [Improvement]: generic CA managers for automatic certificate renewal, the type is determined from type attribute in blueprint CA. Supported values are : autossl.ca_manager.acme_v1_http01.AcmeHttp01 and autossl.ca_manager.local.LocalCa
- [Feature]: certificate signing from a CA key/certificate available in storage
0.6.0 (29/11/2019)¶
- [Feature]: support deployment of full certificate chain on any type of server
- [Feature]: when chain of trust is specified (in global config or ssl blueprint) always verify it before deployment
0.5.6 (19/11/2019)¶
- [Bug]: to_be_renewed flag returned by manager.get_renewal_status was still true when stored certificate was valid if at least 1 server was invalid
- [Feature]: manager.get_and_check_artifacts ability to try first retrieving artifacts from tracking when tracking ID specified, as we consider tracking the most up to date in that case
0.5.5 (18/11/2019)¶
- [Feature] support for CA certificates request
0.5.4 (12/11/2019)¶
- [Improvement]: python 3.8 support
- [Bug]: credentials in input of storage.gitscm were ignored, directly add them in input git url for http
0.5.3 (12/11/2019)¶
- DO NOT USE
0.5.2 (06/11/2019)¶
- [Bug]: fix equality operator on SslCertificate object as sans comparison must ignore sorting
- [Bug]: do not directly compare certificates in SslManager and always call ‘is_same’ from Server api as each server can customize/override its behavior
0.5.1 (29/10/2019)¶
- [Technical]: no change
0.5.0 (14/10/2019)¶
- [Improvement]: support certificates without servers
0.4.4 (22/08/2019)¶
- [Bug]: chain of trust in global config was ignored
- [Feature] add retries in case Incapsula return internal error at deployment (as happening quite often)
0.4.3 (05/08/2019)¶
- [Bug]: fix acme _get_new_challenge raising decoding error in python 3
0.4.2 (26/07/2019)¶
- [Bug]: fix deployment of full certificate chain of trust on Incapsula for python3 (base64 encoding issue)
0.4.1 (25/07/2019)¶
- [Bug]: Certificates deployed on Incapsula server type must contain the full chain – root CA , intermediate CA, and the origin server certificates, this is now default behavior for Incapsula and can be activated for any type of server.
0.4.0 (13/05/2019)¶
- [Feature]: plugins now have access to file type (Certificate, private key, …) when retrieving/saving data in storage and tacking to be able to customize behavior.
0.3.3 (06/05/2019)¶
- [Bug]: fix exception raised when Incaspula site has no SSL certificate deployed yet
0.3.2 (29/04/2019)¶
- [Improvement]: add email to ‘Subject’ section of the certificate
0.3.1 (26/04/2019)¶
- [Improvement]: better error handling during certificate deployment: deploy everywhere possible and report errors in tracking record
- [Improvement]: sanitize Incapsula tests removing all Amadeus specifics
- [Improvement]: update documentation
0.3.0 (15/03/2019)¶
- [Bug]: deploy from record was failing as looking first for data in storage without caching exception
- [Feature]: automatically save data in other apis when found only in a specific one
- [Feature]: support tracking in local file to more easily test different api orchestrations
- [Feature]: Support Incapsula server type
- [Feature]: ability to deploy existing certificate to outdated or new servers thanks to synchronize option
- [Feature]: support storage of credentials in local file ~/.autossl in ini format
0.2.3 (19/02/2019)¶
- [Bug]: host is an optional parameter in server configuration + fix for credential enum
- [Feature]: possibility to specify only global config without certificate information for deployment to retrieve blueprint from storage/tracking
0.2.2 (14/02/2019)¶
- [Bug]: fix package delivery: unable to access subpackages from external module
0.2.1 (14/02/2019)¶
- [Bug]: fix package delivery (missing subfolders)
- [Feature]: add ‘version’ option in command line to display package information
0.2.0 (13/02/2019)¶
- [Feature] make autossl generic to support any type of storage for artifacts persistency and tracking mechanism
0.1.13 (07/02/2019)¶
- [Improvement]: Do not block renewal if challenge cannot be verified from local machine as validation will be performed anyway by Certificate Authority
0.1.12 (07/02/2019)¶
- [Improvement]: Do not block renewal if server is not reachable from local machine
0.1.11 (19/12/2018)¶
- [Improvement]: Remove prompt when renew is called with force option
0.1.10 (19/12/2018)¶
- [Improvement]: Modify delivery to ensure proper artifact publication
0.1.9 (19/12/2018)¶
- [Improvement]: Return tracking record Id when applicable in ssl_manager.renew method
0.1.8 (10/12/2018)¶
- [Improvement]: support custom certificate filename for each server
0.1.7 (13/09/2018)¶
- [Improvement]: allow no servers section specified in ssl blueprint to just manage certificate request without server interaction
0.1.6 (27/08/2018)¶
- [Improvement]: add possibility to use any servers type. No automatic checks for now, they will always generate new certificates
0.1.5 (06/07/2018)¶
- [Improvement]: add retry capability in case of connection error for all http connections
0.1.4 (06/06/2018)¶
- [Improvement]: add retry capability to challenge creation/deletion in case of connection error for automated certificate renewal
0.1.3 (24/04/2018)¶
- [Bug]: fix default parameters for command line
0.1.2 (24/04/2018)¶
- [Bug]: add missing entry point for command line in setup.py
0.1.1 (11/04/2018)¶
- [Bug]: fix config files missing in package delivery
0.1.0 (06/04/2018)¶
- First delivery