See release notes on acme-dns-tiny website and on the Gitlab project.
acme-dns-tiny is simpler to configure thanks to the DNS resource records of type NS
and SOA
:-)
Furthermore, by default, it times out if any server (ACME server or DNS server) doesn't responds timely (by default 10
seconds, to retrieve previous behavior disable it with value 0
).
Feature fixed on v2.4:
Continuous Integration:
Documentation:
/documentations
directory so we can always synchronize it with codeFeature fixed on v2.3:
Feature added:
Continuous Integration improvement:
overlay2
filesystem driverOther:
I've just released v2.2 of acme-dns-tiny and updated texts on the project website.
For the website, I hope it will be easier to understand what the project is.
For the release v2.2, I wanted to just update continuous integration with my recent experience at job.
Finally, it contains too code style update, check that acme-dns-tiny is compatible with the ACME RFC 8555 released since v2.1, some bug fixes which were already merged but never added to a release and some fixes backported from the acme-tiny upstream project.
This release does a jump from RFC draft 9 implementation to ACME RFC draft 16.
Full details available on the tag v2.1.
PS: that's not related to the recent dnspython
1.16 release 😉
Bob Halley has announced a new release of dnspython
, a python library to do DNS stuff.
As you may have seen, acme-dns-python
heavily relies on dnspython
to do its job and so we'll need to check if the script is still compatible with this new release.
Please note that we should not have many troubles with the next 2.x release of dnspython
as, acme-dns-python
is already thought to be used only with Python 3.
Hello,
As announced last March, I've released the v2
branch in the master
branch.
If you want to continue to use the older Let's Encrypt API, please don't follow master branch, but be sure to use the tags v1.*
.
Note, I won't continue development of this version, as the ACME current draft allows to run wildcard requests and the developments made for the v2
branches have almost changed all the code.
I wanted to take the oportunity too to thanks Gigadoc2 for its two interesting requests: the --csr
command line option and the finer grained DNS policy update by use of CNAME
.
You'll find more details on the Gitalb tag v2.0
page: https://projects.adorsaz.ch/adrien/acme-dns-tiny/tags/v2.0
See you
Hello,
Let's Encrypt has announced their new API production endpoint is now available.
That means you can now use the acme-dns-tiny code from branch v2
to use their new API and receive wilcard certificates.
I've already used it on my own server and it seems to work well. I'll merge this branch in master
by end of the week. Please be sure to follow tags instead of master branch on your productions to be sure to use the version you need.
About the new code available in v2
:
CheckChallengeDelay
option by a TTL
one which will be used to install TXT records on your server and wait before asking to check the challenge (defaulted to 10 seconds)--verbose
command argument to have a little bit more outputAnd, for advanced users:
--csr
command argument to specify the CSR file path (which is the option which will be different in this case)_acme-challenge
, it will be followed to install the TXT records on the alias instead (note, it won't follow a chain of CNAME, just one alias). That allows you to configure TSIG keys on a different zone and have more precise DNS update policy.Hoping you'll like it !