Certbot 0.19.0 has been released

The changelog for the release is:

0.19.0 - 2017-10-04


  • Certbot now has renewal hook directories where executable files can be placed for Certbot to run with the renew subcommand. Pre-hooks, deploy-hooks, and post-hooks can be specified in the renewal-hooks/pre, renewal-hooks/deploy, and renewal-hooks/post directories respectively in Certbot’s configuration directory (which is /etc/letsencrypt by default). Certbot will automatically create these directories when it is run if they do not already exist.
  • After revoking a certificate with the revoke subcommand, Certbot will offer to delete the lineage associated with the certificate. When Certbot is run with --non-interactive, it will automatically try to delete the associated lineage.
  • When using Certbot’s Google Cloud DNS plugin on Google Compute Engine, you no longer have to provide a credential file to Certbot if you have configured sufficient permissions for the instance which Certbot can automatically obtain using Google’s metadata service.


  • When deleting certificates interactively using the delete subcommand, Certbot will now allow you to select multiple lineages to be deleted at once.
  • Certbot’s Apache plugin no longer always parses Apache’s sites-available on Debian based systems and instead only parses virtual hosts included in your Apache configuration. You can provide an additional directory for Certbot to parse using the command line flag --apache-vhost-root.


  • The plugins subcommand can now be run without root access.
  • certbot-auto now includes a timeout when updating itself so it no longer hangs indefinitely when it is unable to connect to the external server.
  • An issue where Certbot’s Apache plugin would sometimes fail to deploy a certificate on Debian based systems if mod_ssl wasn’t already enabled has been resolved.
  • A bug in our Docker image where the certificates subcommand could not report if certificates maintained by Certbot had been revoked has been fixed.
  • Certbot’s RFC 2136 DNS plugin (for use with software like BIND) now properly performs DNS challenges when the domain being verified contains a CNAME record.

More details about these changes can be found on our GitHub repo:


good jobs

good to see some new features that will make life simpler

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.