Certbot 1.10.0 Release

We just released Certbot 1.10.0. The changelog for the release is:

1.10.0 - 2020-12-01

Added

  • Added timeout to DNS query function calls for dns-rfc2136 plugin.
  • Confirmation when deleting certificates
  • CLI flag --key-type has been added to specify 'rsa' or 'ecdsa' (default 'rsa').
  • CLI flag --elliptic-curve has been added which takes an NIST/SECG elliptic curve. Any of
    secp256r1, secp384r1 and secp521r1 are accepted values.
  • The command certbot certficates lists the which type of the private key that was used
    for the private key.
  • Support for Python 3.9 was added to Certbot and all of its components.

Changed

  • certbot-auto was deprecated on Debian based systems.
  • CLI flag --manual-public-ip-logging-ok is now a no-op, generates a
    deprecation warning, and will be removed in a future release.

Fixed

  • Fixed a Unicode-related crash in the nginx plugin when running under Python 2.

More details about these changes can be found on our GitHub repo.

12 Likes

Is that supposed to be secp384r1?

5 Likes

It is! Thanks for pointing that out. I updated my initial post.

3 Likes

A post was split to a new topic: How do I obtain an ECDSA certificate with Certbot?

You can find documentation about obtaining certificates that use ECDSA keys with Certbot at https://certbot.eff.org/docs/using.html#using-ecdsa-keys.

3 Likes

7 posts were split to a new topic: Certbot-auto no longer works on Debian based systems

Hi, sorry if this is a silly question ( new to use using letsencrypt even though I have heard a lot about it ).

Since this changed to being deprecated:

is there going to be any way to skip the prompt now for asking if you are ok with having your public IP logged?

P.S. love all the work you all do! thank you!

1 Like

@elrey

Welcome to the Let's Encrypt Community, Alex :slightly_smiling_face:

Do you have the latest certbot installed? I'm only asking because I can't imagine that certbot would be prompting regarding deprecated functionality, which would seem to me to be a bug.

1 Like

For certbot 1.10.0 and newer the whole prompt has been removed as part of the deprecation of the --manual-public-ip-logging-ok option: https://github.com/certbot/certbot/pull/8381/files#diff-3ac60fed55a0d164f409b8ebacd308e0e8ab10eabc3cd52176bb3771c9c91d71L117-L141

This fact is indeed not incorporated in the changelog.

2 Likes