Certbot 2.5.0 Release

Certbot 2.5.0 has just been released. The changelog entry for the release is:

2.5.0 - 2023-04-04


  • acme.messages.OrderResource now supports being round-tripped
    through JSON
  • acme.client.ClientV2 now provides separate begin_finalization
    and poll_finalization methods, in addition to the existing
    finalize_order method.


  • --dns-route53-propagation-seconds is now deprecated. The Route53 plugin relies on the
    GetChange API
    to determine if a DNS update is complete. The flag has never had any effect and will be
    removed in a future version of Certbot.
  • Packaged tests for all Certbot components besides josepy were moved inside
    the _internal/tests module.


  • Fixed renew sometimes not preserving the key type of RSA certificates.
    • Users who upgraded from Certbot <v1.25.0 to Certbot >=v2.0.0 may
      have had their RSA certificates inadvertently changed to ECDSA certificates. If desired,
      the key type may be changed back to RSA. See the User Guide.
  • Deprecated flags were inadvertently not printing warnings since v1.16.0. This is now fixed.

More details about these changes can be found on our GitHub repo.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.