summaryrefslogtreecommitdiffstats
path: root/changes-entries
diff options
context:
space:
mode:
authorStefan Eissing <icing@apache.org>2024-09-17 13:38:19 +0200
committerStefan Eissing <icing@apache.org>2024-09-17 13:38:19 +0200
commitaf10058840e024e6cf2bbdd50cc1dacfe236e6fc (patch)
tree1bba86e6826aca4314c202ee7b643059d40c36f6 /changes-entries
parentremoved experimental mod_tls. source, documenation and test cases (diff)
downloadapache2-af10058840e024e6cf2bbdd50cc1dacfe236e6fc.tar.xz
apache2-af10058840e024e6cf2bbdd50cc1dacfe236e6fc.zip
*) mod_md: update to version 2.4.28
- When the server starts, it looks for new, staged certificates to activate. If the staged set of files in 'md/staging/<domain>' is messed up, this could prevent further renewals to happen. Now, when the staging set is present, but could not be activated due to an error, purge the whole directory. [icing] - Fix certificate retrieval on ACME renewal to not require a 'Location:' header returned by the ACME CA. This was the way it was done in ACME before it became an IETF standard. Let's Encrypt still supports this, but other CAs do not. [icing] - Restore compatibility with OpenSSL < 1.1. [ylavic] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1920747 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'changes-entries')
-rw-r--r--changes-entries/md_v2.4.28.txt11
1 files changed, 11 insertions, 0 deletions
diff --git a/changes-entries/md_v2.4.28.txt b/changes-entries/md_v2.4.28.txt
new file mode 100644
index 0000000000..3eb2bc4917
--- /dev/null
+++ b/changes-entries/md_v2.4.28.txt
@@ -0,0 +1,11 @@
+ *) mod_md: update to version 2.4.28
+ - When the server starts, it looks for new, staged certificates to
+ activate. If the staged set of files in 'md/staging/<domain>' is messed
+ up, this could prevent further renewals to happen. Now, when the staging
+ set is present, but could not be activated due to an error, purge the
+ whole directory. [icing]
+ - Fix certificate retrieval on ACME renewal to not require a 'Location:'
+ header returned by the ACME CA. This was the way it was done in ACME
+ before it became an IETF standard. Let's Encrypt still supports this,
+ but other CAs do not. [icing]
+ - Restore compatibility with OpenSSL < 1.1. [ylavic]