certd/packages/core/acme-client/CHANGELOG.md

Change Log

All notable changes to this project will be documented in this file. See Conventional Commits for commit guidelines.

1.25.8 (2024-09-30)

Note: Version bump only for package @certd/acme-client

1.25.7 (2024-09-29)

Note: Version bump only for package @certd/acme-client

1.25.6 (2024-09-29)

Performance Improvements

• 部署支持1Panel (d047234)

1.25.5 (2024-09-26)

Note: Version bump only for package @certd/acme-client

1.25.4 (2024-09-25)

Note: Version bump only for package @certd/acme-client

1.25.3 (2024-09-24)

Note: Version bump only for package @certd/acme-client

1.25.2 (2024-09-24)

Note: Version bump only for package @certd/acme-client

1.25.1 (2024-09-24)

Note: Version bump only for package @certd/acme-client

1.25.0 (2024-09-24)

Performance Improvements

• 证书支持旧版RSA，pkcs1 (3d9c3ec)
• 支持七牛云 (8ecc2f9)

1.24.4 (2024-09-09)

Note: Version bump only for package @certd/acme-client

1.24.3 (2024-09-06)

Note: Version bump only for package @certd/acme-client

1.24.2 (2024-09-06)

Performance Improvements

• 修复windows下无法执行第二条命令的bug (d5bfcdb)

1.24.1 (2024-09-02)

Bug Fixes

• 修复在没有勾选使用代理的情况下，仍然会使用代理的bug (0f66794)

Performance Improvements

• 部署插件支持宝塔、易盾云等 (ee61709)
• 授权配置支持加密 (42a56b5)

1.24.0 (2024-08-25)

Bug Fixes

• 修复成功后跳过之后丢失腾讯云证书id的bug (37eb762)
• 修复创建流水线后立即运行时报no id错误的bug (17ead54)
• 修复使用代理的情况下申请证书失败的bug (95122e2)

Features

• 支持google证书申请（需要使用代理） (a593056)

Performance Improvements

• 优化证书申请成功率 (968c469)

1.22.6 (2024-08-03)

Note: Version bump only for package @certd/acme-client

1.22.4 (2024-07-26)

Performance Improvements

• 证书申请支持反向代理，letsencrypt无法访问时的备用方案 (b7b5df0)

1.22.3 (2024-07-25)

Note: Version bump only for package @certd/acme-client

1.22.2 (2024-07-23)

Note: Version bump only for package @certd/acme-client

1.22.1 (2024-07-20)

Note: Version bump only for package @certd/acme-client

1.22.0 (2024-07-19)

Features

• 升级midway，支持esm (485e603)

1.21.2 (2024-07-08)

Note: Version bump only for package @certd/acme-client

1.21.1 (2024-07-08)

Note: Version bump only for package @certd/acme-client

1.21.0 (2024-07-03)

Features

• 支持zero ssl (eade2c2)

1.20.17 (2024-07-03)

Performance Improvements

• 创建dns解析后，强制等待60s (f47b35f)
• 优化cname verify (eba333d)

1.20.16 (2024-07-01)

Bug Fixes

• 修复配置了cdn cname后申请失败的bug (4a5fa76)

1.20.15 (2024-06-28)

Performance Improvements

• 腾讯云dns provider 支持腾讯云的accessId (e0eb3a4)

1.20.14 (2024-06-23)

Note: Version bump only for package @certd/acme-client

1.20.13 (2024-06-18)

Note: Version bump only for package @certd/acme-client

1.20.12 (2024-06-17)

Bug Fixes

• 修复aliyun域名超过100个找不到域名的bug (5b1494b)

Performance Improvements

• 支持cloudflare域名 (fbb9a47)

1.20.10 (2024-05-30)

Note: Version bump only for package @certd/acme-client

1.20.9 (2024-03-22)

Note: Version bump only for package @certd/acme-client

1.20.8 (2024-03-22)

Note: Version bump only for package @certd/acme-client

1.20.7 (2024-03-22)

Note: Version bump only for package @certd/acme-client

1.20.6 (2024-03-21)

Note: Version bump only for package @certd/acme-client

1.20.5 (2024-03-11)

Bug Fixes

• 修复腾讯云cdn部署无法选择端点的bug (154409b)

Changelog

v5.4.0 (2024-07-16)

• added Directory URLs for Google ACME provider
• fixed Invalidate ACME provider directory cache after 24 hours
• fixed Retry HTTP requests on server errors or when rate limited - #89

v5.3.1 (2024-05-22)

• fixed Allow client.auto() being called with an empty CSR common name
• fixed Bug when calling updateAccountKey() with external account binding

v5.3.0 (2024-02-05)

• added Support and tests for satisfying tls-alpn-01 challenges
• changed Replace jsrsasign with @peculiar/x509 for certificate and CSR handling
• changed Method getChallengeKeyAuthorization() now returns $token.$thumbprint when called with a tls-alpn-01 challenge
  • Previously returned base64url encoded SHA256 digest of $token.$thumbprint erroneously
  • This change is not considered breaking since the previous behavior was incorrect

v5.2.0 (2024-01-22)

• fixed Allow self-signed or invalid certs when validating http-01 challenges that redirect to HTTPS - #65
• fixed Wait for all challenge promises to settle before rejecting client.auto() - #75

v5.1.0 (2024-01-20)

• fixed Upgrade jsrsasign@11.0.0 - GHSA-rh63-9qcf-83gf
• fixed Upgrade axios@1.6.5 - CVE-2023-45857

v5.0.0 (2022-07-28)

• Upgrade guide here
• added New native crypto interface, ECC/ECDSA support
• breaking Remove support for Node v10, v12 and v14
• breaking Prioritize issuer closest to root during preferred chain selection - #46
• changed Replace bluebird dependency with native promise APIs
• changed Replace backo2 dependency with internal utility

v4.2.5 (2022-03-21)

• fixed Upgrade axios@0.26.1
• fixed Upgrade node-forge@1.3.0 - CVE-2022-24771, CVE-2022-24772, CVE-2022-24773

v4.2.4 (2022-03-19)

• fixed Use SHA-256 when signing CSRs

v3.3.2 (2022-03-19)

• backport Use SHA-256 when signing CSRs

v4.2.3 (2022-01-11)

• added Directory URLs for ACME providers Buypass and ZeroSSL
• fixed Skip already valid authorizations when using client.auto()

v4.2.2 (2022-01-10)

• fixed Upgrade node-forge@1.2.0

v4.2.1 (2022-01-10)

• fixed ZeroSSL duplicate_domains_in_array error when using client.auto()

v4.2.0 (2022-01-06)

• added Support for external account binding - RFC 8555 Section 7.3.4
• added Ability to pass through custom logger function
• changed Increase default backoffAttempts to 10
• fixed Deactivate authorizations where challenges can not be completed
• fixed Attempt authoritative name servers when verifying dns-01 challenges
• fixed Error verbosity when failing to read ACME directory
• fixed Correctly recognize ready and processing states - RFC 8555 Section 7.1.6

v4.1.4 (2021-12-23)

• fixed Upgrade axios@0.21.4 - CVE-2021-3749

v4.1.3 (2021-02-22)

• fixed Upgrade axios@0.21.1 - CVE-2020-28168

v4.1.2 (2020-11-16)

• fixed Bug when encoding PEM payloads, potentially causing malformed requests

v4.1.1 (2020-11-13)

• fixed Missing TypeScript definitions

v4.1.0 (2020-11-12)

• added Option preferredChain added to client.getCertificate() and client.auto() to indicate which certificate chain is preferred if a CA offers multiple
  • Related: https://community.letsencrypt.org/t/transition-to-isrgs-root-delayed-until-jan-11-2021/125516
• added Method client.getOrder() to refresh order from CA
• fixed Upgrade axios@0.21.0
• fixed Error when attempting to revoke a certificate chain
• fixed Missing URL augmentation in client.finalizeOrder() and client.deactivateAuthorization()
• fixed Add certificate issuer to response from forge.readCertificateInfo()

v4.0.2 (2020-10-09)

• fixed Explicitly set default axios HTTP adapter - axios/axios#1180

v4.0.1 (2020-09-15)

• fixed Upgrade node-forge@0.10.0 - CVE-2020-7720

v4.0.0 (2020-05-29)

• breaking Remove support for Node v8
• breaking Remove deprecated openssl crypto module
• fixed Incorrect TypeScript CertificateInfo definitions
• fixed Allow trailing whitespace character in http-01 challenge response

v3.3.1 (2020-01-07)

• fixed Improvements to TypeScript definitions

v3.3.0 (2019-12-19)

• added TypeScript definitions
• fixed Allow missing ACME directory meta field - RFC 8555 Section 7.1.1

v3.2.1 (2019-11-14)

• added New option skipChallengeVerification added to client.auto() to bypass internal challenge verification

v3.2.0 (2019-08-26)

• added More extensive testing using letsencrypt/pebble
• changed When creating a CSR, commonName no longer defaults to 'localhost'
  • This change is not considered breaking since commonName: 'localhost' will result in an error when ordering a certificate
• fixed Retry signed API requests on urn:ietf:params:acme:error:badNonce - RFC 8555 Section 6.5
• fixed Minor bugs related to POST-as-GET when calling updateAccount()
• fixed Ensure subject common name is present in SAN when creating a CSR - CAB v1.2.3 Section 9.2.2
• fixed Send empty JSON body when responding to challenges - RFC 8555 Section 7.5.1

v2.3.1 (2019-08-26)

• backport Minor bugs related to POST-as-GET when calling client.updateAccount()
• backport Send empty JSON body when responding to challenges

v3.1.0 (2019-08-21)

• added UTF-8 support when generating a CSR subject using forge - RFC 5280
• fixed Implement POST-as-GET for all ACME API requests - RFC 8555 Section 6.3

v2.3.0 (2019-08-21)

• backport Implement POST-as-GET for all ACME API requests

v3.0.0 (2019-07-13)

• added Expose axios instance to allow manipulating HTTP client defaults
• breaking Remove support for Node v4 and v6
• breaking Remove Babel transpilation

v2.2.3 (2019-01-25)

• added DNS CNAME detection when verifying dns-01 challenges

v2.2.2 (2019-01-07)

• added Support for tls-alpn-01 challenge key authorization

v2.2.1 (2019-01-04)

• fixed Handle and throw errors from OpenSSL process

v2.2.0 (2018-11-06)

• added New node-forge crypto interface, removes OpenSSL CLI dependency
• added Support native crypto.generateKeyPair() API when generating key pairs

v2.1.0 (2018-10-21)

• added Ability to set and get current account URL
• fixed Replace HTTP client request with axios
• fixed Auto-mode no longer tries to create account when account URL exists

v2.0.1 (2018-08-17)

• fixed Key rollover in compliance with draft-ietf-acme-13

v2.0.0 (2018-04-02)

• breaking ACMEv2
• breaking API changes
• breaking Rewrite to ES6
• breaking Promises instead of callbacks

v1.0.0 (2017-10-20)

• API stable

v0.2.1 (2017-09-27)

• fixed Bug causing invalid anti-replay nonce

v0.2.0 (2017-09-21)

• breaking OpenSSL method readCsrDomains and readCertificateInfo now return domains as an object
• fixed Added and fixed some tests

v0.1.0 (2017-09-14)

• acme-client released