Certbot 0.29.0 Release


#1

Certbot 0.29.0 has just been released. The changelog for the release is:

Added

  • Noninteractive renewals with certbot renew (those not started from a
    terminal) now randomly sleep 1-480 seconds before beginning work in
    order to spread out load spikes on the server side.
  • Added External Account Binding support in cli and acme library.
    Command line arguments --eab-kid and --eab-hmac-key added.

Changed

  • Private key permissioning changes: Renewal preserves existing group mode
    & gid of previous private key material. Private keys for new
    lineages (i.e. new certs, not renewed) default to 0o600.

Fixed

  • Update code and dependencies to clean up Resource and Deprecation Warnings.
  • Only depend on imgconverter extension for Sphinx >= 1.6

Despite us having broken lockstep, we are continuing to release new versions of
all Certbot components during releases for the time being, however, the only
package with changes other than its version number was:

  • acme
  • certbot
  • certbot-apache
  • certbot-dns-cloudflare
  • certbot-dns-digitalocean
  • certbot-dns-google
  • certbot-nginx

More details about these changes can be found on our GitHub repo: