v2.1 released
A general rework of code has been made to be compatible with the latest ACME draft 16 (v2.0 of acme-dns-tiny was based on draft 9).
First, unit tests now creates one account key by configuration sample,
they correctly create and remove temporary files, and they read the
GITLABCI_CONTACT
environment variable.
Then, tools created from acme-dns-tiny has been updated too: key rollover has been redesigned completely by the RFC and it has been updated to be compatible with latest acme-dns-tiny style. Style of account deactivation has been updated too.
Finally, acme-dns-tiny itself had a lot of improvements:
- Use standard Python3 doc strings instead of comments
-
Simplify returns of the
_send_signed_request
internal function to take advantage of therequests
module -
_send_signed_request
is able to launchPOST-as-GET
authenticated requests as defined in recent RFC drafts -
Config file now read the
CertificateFormat
key: it allows you, if needed, to ask for a specific chain file format instead of the defaultapplication/pem-certificate-chain
as defined in the RFC. - Example config file now avoid to define optional keys, it only give documentation
-
In the
CSR
file, theCN
value can be anywhere in theSubject
string -
If the
order
is alreadyready
on the ACME server side, acme-dns-tiny doesn't run full process, but just ask the certificate chain.
PS: that's not related to the recent dnspython
1.16 release
😉