Posh-ACME 3.0.0 Release

Posh-ACME is a PowerShell based ACMEv2 client that supports both Windows PowerShell 5.1+ and PowerShell Core 6.0+. You can find the project site here:

You can download directly from GitHub or install via PowerShellGallery

Here are the 3.0.0 release notes from the changelog:

  • Potentially breaking changes
    • Many ACME protocol messages that previously used GET requests have been changed to POST-as-GET to comply with the latest ACME draft-16. Let’s Encrypt already supports the new draft, but other ACME servers may not yet.
    • CertIssueTimeout param was removed from New-PACertificate and Submit-OrderFinalize because it wasn’t actually being used properly in the former and doesn’t seem necessary anymore.
  • New Feature: Generate certs from an existing certificate request which can be useful for appliances that generate their own keys and CSRs. (Thanks @virot)
    • New CSRPath parameter on New-PACertificate and New-PAOrder that removes the need for Domain, CertKeyLength, NewCertKey, OCSPMustStaple, FriendlyName, PfxPass, and Install parameters when used. Most values will be extracted from the CSR.
    • Certs generated using this method will not have PFX files created because there is no private key.
    • Certs generated using this method can not be automatically installed to the Windows cert store because there are no PFX files.
  • Get-KeyAuthorization now has ForDNS parameter which returns the actual TXT value necessary for the dns-01 challenge. (Thanks @chandan1001)
  • Added new DNS plugins
    • IBMSoftLayer (IBM Cloud DNS)
    • AutoDNS (InternetX XML Gateway)
  • Fix for some validation params not getting set properly on new instances of old orders
  • Fix for Windows plugin not using $dnsParams appropriately (Thanks @B4dM4n)

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.