Releases: icing/mod_md
Releases · icing/mod_md
mod_md v1.1.17
- fixed several coding bugs in detection of ACME challenge changes, e.g. when the local
MDomains changed and challenges for others had already been set up. Fixes thanks to
Michael Kaufmann (@mkauf). - added log messages when (supposed) ACME server's answer was not understood (by @mkauf)
- eliminated some compiler warnings about signedness and unused variables.
mod_md v1.1.16
- When you move the last domain name from an MD to another one, that now empty MD gets moved
to the store archive. The JSON file will still show the last domain, in case you want
to ressurect after a (human) configuration error. Fixes PR 62572
(see https://bz.apache.org/bugzilla/show_bug.cgi?id=62572).
mod_md v1.1.15
- Using libressl new integration of openssl API functions when available.
- making some timed wait in test_0700 more robust
mod_md v1.1.14
- Preventing other modules from messing with challenge repsonses. Fix by @mkauf. Thanks!
mod_md v1.1.13
- adding test cases for accessing a variety of paths for http-01 challenges to confirm
proper http responses (see #92). Reworked handler to fix edge cases discovered. - adapted test cases for new ACME boulder versions that shifted ACMEv1 to another port
- adapted test case domain from the now forbidden example.org to not-forbidden.org
mod_md v1.1.12
- less confusing logging when MDNotifyCmd returns a failure exit code
- MDNotifyCmd can be configured with arguments to which the managed domain
names are appended on invocation - added more test cases for MDNotifyCmd use
mod_md v1.1.10
- fixes error in renew window calculation that may lead to mod_md running
watchdog in a tight loop until actual renewal becomes necessary. - /.well-known/acme-challenge requests that cannot be answered for hostnames
outside the configured MDs are free to be answered by other handlers. This allows
co-existance between mod_md and other ACME clients on the same server (implements PR62189).
Suggested by Arkadiusz Miskiewicz [email protected].
mod_md v1.1.9
- Removed bould check from configure. Not everone building the module needs it installed.
Fixes #76. - Tests with boulder now need a mater revision >= 2018-01-10 or you will see failures in the
0800 tests. - Updated with log format fixes and copyright ASF insistence from apache httpd trunk
mod_md v1.1.8
- new configuration directive "MDBaseServer on|off" to allow/inhibit management of the base
server domains outside VirtualHosts. By default, this is "off", e.g. mod_md will not manage
certificates or perform https: redirections on the base server. This follows the
principle of least surprise. - Fixed gcc warnings.
mod_md v1.1.7
- MDMustStaple was unable to create the necessary OpenSSL OBJ identifier on some platforms,
possibly because this fails if the OID is already configured inopenssl.cnf, see
here. - Two memory leaks in cert issuer and alt-names lookup eliminated by Yann Ylavic.
- Changing MDMustStaple triggers certificate renewal.