v2.2.0
版本发布时间: 2023-02-05 06:23:56
win-acme/win-acme最新发布版本:v2.2.9.1701(2024-05-26 03:07:35)
New features
- The full options menu now exposes the 'order' step, which allows you to split your source into multiple certificates. This can be useful when you run into limits imposed by your ACME provider (e.g. Let's Encrypt only supports 100 host names per certificate), want to generate certificates for many websites without micro-managing the associated renewals, and/or want to prevent information disclose through the SAN list. This feature has been available through the command line for a long time, but is now considered mature enough for a broader audience.
- With the new global validation options it's possible to create certificates with a mix of different validation options. You might for example use HTTP-01/FTP validation for
www.example.com
and DNS validation for*.contoso.net
. Inspired by an idea coined by @JensSpanier (#2032). This also makes it easier to handle complicated validation settings. For example Azure requires some five pieces of difficult to remember information to do DNS validation, which until now had to be provided and maintained for each renewal seperately. - Added a new external plugin to store certificates in the CurrentUser store instead of the LocalSystem store, as requested by @cvalka2 and others (#2213).
- Added a new external plugin for DNS Made Easy, contributed by @cboyce428 (#2230)
- It's now possible to customize the file name used in the PFX and PEM store plugins, instead of that being hardwired to reflect the common name of the certificate, as requested by @Dezeptor (#2231).
- When disabling the certificate cache (setting it to 0 days) no private key material will be stored anywhere except when and where specifically requested. @florian-re brought this need to our attention (#2286).
- The renewal manager now includes an option to show the command line arguments that may be used to (re)create the renewal. This is not a 100% water tight solution because some things can only be done by going through the menu's interactively, but should help the discoverability of unattended mode and provide an easier path for people getting into automation. Suggested by @elitegoodguy and @cesarchefino.
Enhancements
- Plugins have seen many changes in this release, which is the reason this release is designated as version 2.2.0 instead of 2.1.24. If you've built your own plugin, you'll have to adapt it to use the new interfaces designed for this release. Generally this will increase code quality by reducing redundancy and resolving several awkward bits that sneaked in over the years as demands for the previous system shifted. As an end-user, this should have no noticable effect, except for more meaningful and context-aware error messages in several places.
- The program is now built using .NET7, keeping up to date with the latest and greatest from Microsoft and improving the file size and reliability of the self-contained executable (e.g. #2192). Several of the larger classes have been refactored into smaller pieces to improve code readability and maintainability, and the whole solution has been cleaned of warnings.
- Download size of the trimmed package has been reduced by about 2MB.
-
Newtonsoft.Json
has been removed in favor of Microsofts ownSystem.Text.Json
. - Azure plugins for DNS and KeyVault have been updated to use the next-generation ResourceManager packages, as well as various other third party dependency updates.
- Added a "no cache" (
--nocache
) switch and renewal manager menu option to be specifically different from "force" (--force
). The latter ensures that renewals are always due, while the former temporarily disables the cache. This resolves some illogical behaviour, as pointed out by @aleekso in #2257. - Intermediate certificates will no longer be installed to the Windows Certificate Store in
--test
mode, as per Let's Encrypts security recommendations. This helps to prevent your machine from trusting other test certificates. - If an error happens during an otherwise succesful renewal (e.g. triggered by an installation script), the notification system will still send a high priority notification, as requested by @baconliker in #2283.
- You will no longer be able to pick the IIS installation step more than once. There is currently never any need to do this, but the possibility led users to believe that it may be needed or useful (e.g. #2236).
- For ACME services that provide long-lived certificates, it's now possible to change the cache system to keep files longer than 120 days, as requested by @FISHMANPET (#2255).
- @mike6715b contributed an example script for the Veeam Cloud Gateway.
- An option has been added to
settings.json
to disable the datetimestamp that is normally appended to the friendly name of certificates, increasing the level of control over the final outcome, as requested by @willt (#2298).
Bug fixes
- Attempting first-time setup with EAB credentials at ZeroSSL would fail due to the program asking for user input.
- Encrypt/decrypt private keys stored in the order cache when calling
--encrypt
, this was previously ignored. - Don't show message "Test message sent" when it actually fails, reported by @kostamoisidis (#2208)
- The IIS FTP service would not always be detected properly, reported by @morhans (#2272)
- When cancelling a certificate using the command line, the cache would not be cleared.
1、 mscordbi.v2.2.0.1408.arm64.zip 506.59KB
2、 mscordbi.v2.2.0.1408.x64.zip 511.72KB
3、 mscordbi.v2.2.0.1408.x86.zip 440.39KB
4、 plugin.store.keyvault.v2.2.0.1408.zip 1.29MB
5、 plugin.store.userstore.v2.2.0.1414.zip 9.38KB
6、 plugin.validation.dns.azure.v2.2.0.1408.zip 1.23MB
7、 plugin.validation.dns.cloudflare.v2.2.0.1408.zip 298.33KB
8、 plugin.validation.dns.digitalocean.v2.2.0.1408.zip 392.32KB
9、 plugin.validation.dns.domeneshop.v2.2.0.1408.zip 59.98KB
10、 plugin.validation.dns.dreamhost.v2.2.0.1408.zip 12.12KB
11、 plugin.validation.dns.godaddy.v2.2.0.1408.zip 276.64KB
12、 plugin.validation.dns.googledns.v2.2.0.1408.zip 202.76KB
13、 plugin.validation.dns.luadns.v2.2.0.1408.zip 12.82KB
14、 plugin.validation.dns.ns1.v2.2.0.1408.zip 13.81KB
15、 plugin.validation.dns.route53.v2.2.0.1408.zip 473.72KB
16、 plugin.validation.dns.simply.v2.2.0.1408.zip 16.6KB
17、 plugin.validation.dns.transip.v2.2.0.1408.zip 285.6KB
18、 plugin.validation.http.rest.v2.2.0.1408.zip 12.45KB
19、 win-acme.v2.2.0.1416.arm64.pluggable.zip 31.69MB
20、 win-acme.v2.2.0.1416.arm64.trimmed.zip 10.05MB
21、 win-acme.v2.2.0.1416.x64.pluggable.zip 32.74MB
22、 win-acme.v2.2.0.1416.x64.trimmed.zip 10.37MB
23、 win-acme.v2.2.0.1416.x86.pluggable.zip 30.44MB
24、 win-acme.v2.2.0.1416.x86.trimmed.zip 9.71MB