All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Command-line interface (
certapi/cli) exposing common workflows:issue,renew,list, andrevoke. - Config file support and environment variable overrides for local/CI usage.
- Enhanced logging, debug flags, and more informative CLI error messages.
- Improved CLI-friendly output formats (plain text and JSON) for scripting and automation.
- Various integration and usability issues discovered during CLI testing.
- Packaging and CI improvements:
pyproject.toml/requirements.txtupdates and release automation tweaks.
- Docker image tagging and Dockerfile fixes for reproducible builds.
- Miscellaneous minor bugfixes and documentation tweaks.
- Postgres keystore robustness improvements and better sqlite fallback handling.
- Packaging metadata and dependency pinning issues causing install-time warnings.
- Improved DNS provider integrations (Cloudflare/DigitalOcean) for TXT record cleanup.
- Race conditions during challenge creation and cleanup under heavy concurrency.
- Robustness fixes for order certificate retrieval and decoding.
- Additional sanity checks when loading keys and certificates from keystores.
- Retry/backoff handling for transient HTTP and DNS provider errors.
- Test stability fixes for challenge cleanup routines.
- Small improvements to logging and diagnostic output for ACME flows.
- Keystore path handling edge-cases that caused certificate lookups to fail.
- Minor bugfixes in ACME error parsing to avoid missing-detail exceptions.
- Production Docker image (multi-arch, rootless, Gunicorn, port
8080). - Concurrency control with domain-level locking and renewal queuing.
- Configurable certificate renewal threshold (
CERT_RENEW_THRESHOLD_DAYS). - CI/CD workflow for automated GHCR publication.
- Standardized environment variables, error handling, and minor typos.
- [] Certapi api and docker image
- Improved
AcmeHttpErrorprocessing to handle missing response fields and prevent type errors during error message generation. - Implemented configurable retry delays and error handling for connection reset errors.
- Fixed timezone deprecation warnings across the codebase.
- Certificate expiry date check logic.
- [] Certapi api and docker image
- Mechanism to prune all TXT records/challenges on startup in challenge stores.
- Logging of request bodies on errors for better debugging.
- Cleanup method to ChallengeSolver
- Missing init.py file in modules
- Refactor everything to proper Inheritance
- Workaround for fullchain cert
- DigitalOcean challenge store
- Allow custom store dir name, fix self-signed cert name
- Use PiPy api key for publishing
- Better error handling, add packaging
- Fix issues. make certificate issuing functional.
- Fix apis, make ready for testing
- Basic implementation [incomplete]
- SSL warning in Nginx related to fullchain certificates and keystore handling.
- Payload handling when re-trying failed requests.
- Log request body on errors
- Logging and Readme
- Remove extra file
- Logging verbosity in cloudflare
- Challenge solving logic
- Key, Challenge stores and tests
- Filesystem keystore
- Bugfix: Fix response usage in Order.get_certificate
- Bugfix: return str in Order.get_certificate not bytes
- Bugfix: Pass certificate string to keystore
- Bugfix: Handle ACME error with no detail
- Certificate save logic
- "detail" key missing error during acme error handling
- Bugfix fix selfsigned detection logic
- Bugfixes for dns challenge
- Crypto classes, add cloudflare challenge store
- Response type and error handling
- Increased wait time for DNS propagation to 20 sec to improve reliability.
- Increase wait time for DNS propagation to 10 sec
- Refactor Challenge Solvers to use common base class
- Minor fixes, Improve challenge cleanup
- Proper error handling in DNS provider APIs
- Renames ChallengeStore to ChallengeSolver, other minor fixes
- Refactor CertIssuer, improve server
- Apply black formatter
- Update gitignore
- WIP enhance crypto classes
- Auto set release tag
- Change project name to certapi