Sourced from certbot's releases.

Certbot 3.2.0

Added

Changed

• certbot-nginx now requires pyparsing>=2.4.7.
• certbot and its acme library now require cryptography>=43.0.0.
• certbot-nginx and our acme library now require pyOpenSSL>=25.0.0.
• Deprecated gen_ss_cert in acme.crypto_util as it uses deprecated pyOpenSSL API.
• Add make_self_signed_cert to acme.crypto_util to replace `gen_ss_cert.
• Directory hooks are now run on all commands by default, not just renew
• Help output now shows False as default when it can be set via cli.ini instead of None
• Changed terms of service agreement text to have a newline after the TOS link
• certbot-cloudflare-dns is now pinned to version 2.19 of Cloudflare's python library
• Removed support for Linode API v3 which was sunset at the end of July 203.

Fixed

• Private keys are now saved in PKCS#8 format instead of PKCS#1. Using PKCS#1 was a regression introduced in Certbot 3.1.0.
• Allow nginx plugin to parse non-breaking spaces in nginx configuration files.
• Honor --reuse-key when --allow-subset-of-names is set
• Fixed regression in symlink parsing on Windows that was introduced in Certbot 3.1.0.
• When adding ssl listen directives in nginx server blocks, IP addresses are now preserved.
• Nginx configurations can now have the http block in files other than the root (nginx.conf)

More details about these changes can be found on our GitHub repo.

Certbot 3.1.0

Added

Changed

• Python 3.8 support was removed.
• certbot-dns-rfc2136's minimum required version of dnspython is now 2.6.1.
• Updated our Docker images to be based on Alpine Linux 3.20.
• Our runtime dependency on setuptools has been dropped from all Certbot components.
• Certbot's packages no longer depend on library importlib_resources.

Fixed

... (truncated)

• a0e8b49 Release 3.2.0
• 3272dcb Update changelog for 3.2.0 release
• 3395dce Add ClouDNS to documentation (#9879)
• ad29d5f Remove support for Linode API v3 (#10062)
• de48847 Require v2.19 of cloudflare's python library (#10182)
• a57b29a [apache] Add type hints to apache configurator for mypy --strict (#10155)
• 9989e7b Remove unneeded casts now that Addr.fromstring can't be None (#10167)
• aafe7ba Update to latest poetry-plugin-export to fix urllib3 multiple versions issue ...
• 87e5dcb update ocsp api (#10181)
• 2535a7b fix mypy on 3.9 (#10179)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)