Certbot 1.4.0 Release

Certbot 1.4.0 has just been released. The changelog entry for the release is:

1.4.0 - 2020-05-05


  • Turn off session tickets for apache plugin by default when appropriate.
  • Added serial number of certificate to the output of certbot certificates
  • Expose two new environment variables in the authenticator and cleanup scripts used by
    the manual plugin: CERTBOT_REMAINING_CHALLENGES is equal to the number of challenges
    remaining after the current challenge, CERTBOT_ALL_DOMAINS is a comma-separated list
    of all domains challenged for the current certificate.
  • Added TLS-ALPN-01 challenge support in the acme library. Support of this
    challenge in the Certbot client is planned to be added in a future release.
  • Added minimal proxy support for OCSP verification.
  • On Windows, hooks are now executed in a Powershell shell instead of a CMD shell,
    allowing both *.ps1 and *.bat as valid scripts for Certbot.


  • Reorganized error message when a user entered an invalid email address.
  • Stop asking interactively if the user would like to add a redirect.
  • mock dependency is now conditional on Python 2 in all of our packages.
  • Deprecate certbot-auto on Gentoo, macOS, and FreeBSD.


  • When using an RFC 8555 compliant endpoint, the acme library no longer sends the
    resource field in any requests or the type field when responding to challenges.
  • Fix nginx plugin crash when non-ASCII configuration file is being read (instead,
    the user will be warned that UTF-8 must be used).
  • Fix hanging OCSP queries during revocation checking - added a 10 second timeout.
  • Standalone servers now have a default socket timeout of 30 seconds, fixing
    cases where an idle connection can cause the standalone plugin to hang.
  • Parsing of the RFC 8555 application/pem-certificate-chain now tolerates CRLF line
    endings. This should fix interoperability with Buypass’ services.

More details about these changes can be found on our GitHub repo.


A couple of weeks ago I made a TLS-ALPN-01 authentication plugin for 1.4.0, and would appreciate feedback on it.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.