Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Let's Encrypt Agreement URL #478

Closed
wants to merge 1 commit into from
Closed

Update Let's Encrypt Agreement URL #478

wants to merge 1 commit into from

Conversation

areian
Copy link

@areian areian commented Nov 16, 2017
edited
Loading

The agreement was updated on November 15th, and certificate issuance fails if the old agreement URL is provided.

Not sure if this is the right place to submit this patch. If not, please point me in the right direction, if the issue has not already been fixed there.

Also, not sure if I need to bump the package version, or if that is handled by a release manager.

@jim-p
Copy link
Contributor

jim-p commented Nov 16, 2017

I merged this manually since the Makefile did need the version updated, and also the URL was incorrect in this PR (ended in .pdf twice). It should be showing up for users to install shortly, thanks!

@jim-p jim-p closed this Nov 16, 2017
@areian
Copy link
Author

areian commented Nov 16, 2017

Woops! Copy/paste error 😥
Thanks for fixing and merging

@areian areian deleted the fix-acme-package branch November 16, 2017 14:30
netgate-git-updates pushed a commit that referenced this pull request Aug 16, 2021
@Jakker @rbgarga
dns/unbound: Update to 1.13.2
42ac7e7 
Added a new option DEP-RSA1024 to enable --with-deprecate-rsa-1024

Changelog:

- Merge PR #317: ZONEMD Zone Verification, with RFC 8976 support.
  ZONEMD records are checked for zones loaded as auth-zone,
  with DNSSEC if available.  There is an added option
  zonemd-permissive-mode that makes it log but not fail wrong zones.
  With zonemd-reject-absence for an auth-zone the presence of a
  zonemd can be mandated for specific zones.
- Fix: Resolve interface names on control-interface too.
- Merge #470 from edevil: Allow configuration of persistent TCP
  connections.
- Fix #474: always_null and others inside view.
- Add that log-servfail prints an IP address and more information
  about one of the last failures for that query.
- Merge #478: Allow configuration of TCP timeout while waiting for
  response.
- Add ./configure --with-deprecate-rsa-1024 that turns off RSA 1024.
- Move the NSEC3 max iterations count in line with the 150 value
  used by BIND, Knot and PowerDNS. This sets the default value
  for it in the configuration to 150 for all key sizes.
- zonemd-check: yesno option, default no, enables the processing
  of ZONEMD records for that zone.
- Merge #486 by fobster: Make VAL_MAX_RESTART_COUNT configurable.
- Merge PR #491: Add SVCB and HTTPS types and handling according to
  draft-ietf-dnsop-svcb-https.
- Introduce 'http-user-agent:' and 'hide-http-user-agent:' options.

PR:		257809
Sponsored by:	Rubicon Communications, LLC ("Netgate")
netgate-git-updates pushed a commit that referenced this pull request Aug 16, 2021
@Jakker @rbgarga
dns/unbound: Update to 1.13.2
8df9544 
Added a new option DEP-RSA1024 to enable --with-deprecate-rsa-1024

Changelog:

- Merge PR #317: ZONEMD Zone Verification, with RFC 8976 support.
  ZONEMD records are checked for zones loaded as auth-zone,
  with DNSSEC if available.  There is an added option
  zonemd-permissive-mode that makes it log but not fail wrong zones.
  With zonemd-reject-absence for an auth-zone the presence of a
  zonemd can be mandated for specific zones.
- Fix: Resolve interface names on control-interface too.
- Merge #470 from edevil: Allow configuration of persistent TCP
  connections.
- Fix #474: always_null and others inside view.
- Add that log-servfail prints an IP address and more information
  about one of the last failures for that query.
- Merge #478: Allow configuration of TCP timeout while waiting for
  response.
- Add ./configure --with-deprecate-rsa-1024 that turns off RSA 1024.
- Move the NSEC3 max iterations count in line with the 150 value
  used by BIND, Knot and PowerDNS. This sets the default value
  for it in the configuration to 150 for all key sizes.
- zonemd-check: yesno option, default no, enables the processing
  of ZONEMD records for that zone.
- Merge #486 by fobster: Make VAL_MAX_RESTART_COUNT configurable.
- Merge PR #491: Add SVCB and HTTPS types and handling according to
  draft-ietf-dnsop-svcb-https.
- Introduce 'http-user-agent:' and 'hide-http-user-agent:' options.

PR:		257809
Sponsored by:	Rubicon Communications, LLC ("Netgate")

(cherry picked from commit 42ac7e7)
netgate-git-updates pushed a commit that referenced this pull request May 21, 2022
@mandree
security/easy-rsa: update to 3.1.0
3ec62b0 
3.1.0 (2022-05-18)
   * Introduce basic support for OpenSSL version 3 (#492)
   * Update regex in grep to be POSIX compliant (#556)
   * Introduce status reporting tools (#555 & #557)
   * Display certificates using UTF8 (#551)
   * Allow certificates to be created with fixed date offset (#550)
   * Add 'verify' to verify certificate against CA (#549)
   * Add PKCS#12 alias 'friendlyName' (#544)
   * Disallow use of '--vars=FILE init-pki' (#566)
   * Support multiple IP-Addresses in SAN (#564)
   * Add option '--renew-days=NN', custom renew grace period (#557)
   * Add 'nopass' option to the 'export-pkcs' functions (#411)
   * Add support for 'busybox' (#543)
   * Add option '--tmp-dir=DIR' to declare Temp-dir (Commit f503a22)

3.0.9 (2022-05-17)
   * Upgrade OpenSSL from 1.1.0j to 1.1.1o (#405, #407)
      - We are buliding this ourselves now.
   * Fix --version so it uses EASYRSA_OPENSSL (#416)
   * Use openssl rand instead of non-POSIX mktemp (#478)
   * Fix paths with spaces (#443)
   * Correct OpenSSL version from Homebrew on macOs (#416)
   * Fix revoking a renewed certificate (Original PR #394)
     Follow-up commit: ef22701878bb10df567d60f2ac50dce52a82c9ee
   * Introduce 'show-crl' (d1993892178c5219f4a38d50db3b53d1a972b36c)
   * Support Windows-Git 'version of bash' (#533)
   * Disallow use of single quote (') in vars file, Warning (#530)
   * Creating a CA uses x509-types/ca and COMMON (#526)
   * Prefer 'PKI/vars' over all other locations (#528)
   * Introduce 'init-pki soft'  option (#197)
   * Warnings are no longer silenced by --batch (#523)
   * Improve packaging options (#510)
   * Update regex for POSIX compliance (#556)
   * Correct date format for Darwin/BSD (#559)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@areian @jim-p