diff options
author | Stefan Eissing <icing@apache.org> | 2024-09-17 13:38:19 +0200 |
---|---|---|
committer | Stefan Eissing <icing@apache.org> | 2024-09-17 13:38:19 +0200 |
commit | af10058840e024e6cf2bbdd50cc1dacfe236e6fc (patch) | |
tree | 1bba86e6826aca4314c202ee7b643059d40c36f6 /changes-entries | |
parent | removed experimental mod_tls. source, documenation and test cases (diff) | |
download | apache2-af10058840e024e6cf2bbdd50cc1dacfe236e6fc.tar.xz apache2-af10058840e024e6cf2bbdd50cc1dacfe236e6fc.zip |
*) mod_md: update to version 2.4.28
- When the server starts, it looks for new, staged certificates to
activate. If the staged set of files in 'md/staging/<domain>' is messed
up, this could prevent further renewals to happen. Now, when the staging
set is present, but could not be activated due to an error, purge the
whole directory. [icing]
- Fix certificate retrieval on ACME renewal to not require a 'Location:'
header returned by the ACME CA. This was the way it was done in ACME
before it became an IETF standard. Let's Encrypt still supports this,
but other CAs do not. [icing]
- Restore compatibility with OpenSSL < 1.1. [ylavic]
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1920747 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'changes-entries')
-rw-r--r-- | changes-entries/md_v2.4.28.txt | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/changes-entries/md_v2.4.28.txt b/changes-entries/md_v2.4.28.txt new file mode 100644 index 0000000000..3eb2bc4917 --- /dev/null +++ b/changes-entries/md_v2.4.28.txt @@ -0,0 +1,11 @@ + *) mod_md: update to version 2.4.28 + - When the server starts, it looks for new, staged certificates to + activate. If the staged set of files in 'md/staging/<domain>' is messed + up, this could prevent further renewals to happen. Now, when the staging + set is present, but could not be activated due to an error, purge the + whole directory. [icing] + - Fix certificate retrieval on ACME renewal to not require a 'Location:' + header returned by the ACME CA. This was the way it was done in ACME + before it became an IETF standard. Let's Encrypt still supports this, + but other CAs do not. [icing] + - Restore compatibility with OpenSSL < 1.1. [ylavic] |