diff --git a/CHANGELOG b/CHANGELOG index ab9bd7ac..1f9c9d03 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,13 +1,15 @@ # Change Log This file contains a log of major changes in dehydrated -## [x.x.x] - xxxx-xx-xx +## [0.7.0] - 2020-12-10 ## Added - Support for external account bindings - Special support for ZeroSSL - Support presets for some CAs instead of requiring URLs - Allow requesting preferred chain (`--preferred-chain`) - Added method to show CAs current terms of service (`--display-terms`) +- Allow setting path to domains.txt using cli arguments (`--domains-txt`) +- Added new cli command `--cleanupdelete` which deletes old files instead of archiving them ## Fixed - No more silent failures on broken hook-scripts @@ -20,6 +22,8 @@ This file contains a log of major changes in dehydrated - Use JSON.sh to parse JSON - Use account URL instead of account ID (RFC compliance) - Dehydrated now has a new home: https://github.com/dehydrated-io/dehydrated +- Added `OCSP_FETCH` and `OCSP_DAYS` to per-certificate configurable options +- Cleanup now also removes dangling symlinks ## [0.6.5] - 2019-06-26 ## Fixed diff --git a/README.md b/README.md index 52f28886..a35660a0 100644 --- a/README.md +++ b/README.md @@ -60,6 +60,7 @@ Commands: --revoke (-r) path/to/cert.pem Revoke specified certificate --deactivate Deactivate account --cleanup (-gc) Move unused certificate files to archive directory + --cleanup-delete (-gcd) Deletes (!) unused certificate files --help (-h) Show help text --env (-e) Output configuration variables for use in other scripts @@ -77,6 +78,7 @@ Parameters: --lock-suffix example.com Suffix lockfile name with a string (useful for with -d) --ocsp Sets option in CSR indicating OCSP stapling to be mandatory --privkey (-p) path/to/key.pem Use specified private key instead of account key (useful for revocation) + --domains-txt path/to/domains.txt Use specified domains.txt instead of default/configured one --config (-f) path/to/config Use specified config file --hook (-k) path/to/hook.sh Use specified script for hooks --preferred-chain issuer-cn Use alternative certificate chain identified by issuer CN diff --git a/dehydrated b/dehydrated index ed241678..6c671fcc 100755 --- a/dehydrated +++ b/dehydrated @@ -17,7 +17,7 @@ umask 077 # paranoid umask, we're creating private keys exec 3>&- exec 4>&- -VERSION="0.6.6" +VERSION="0.7.0" # Find directory in which this script is stored by traversing all symbolic links SOURCE="${0}" diff --git a/docs/examples/config b/docs/examples/config index 66093447..51e38de3 100644 --- a/docs/examples/config +++ b/docs/examples/config @@ -102,7 +102,7 @@ #PRIVATE_KEY_ROLLOVER="no" # Which public key algorithm should be used? Supported: rsa, prime256v1 and secp384r1 -#KEY_ALGO=rsa +#KEY_ALGO=secp384r1 # E-mail to use during the registration (default: ) #CONTACT_EMAIL=