Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal
This release primarily improves DNS challenges, making them more efficient and correct (mostly edge cases).
Full Changelog: https://github.com/caddyserver/certmagic/compare/v0.16.1...v0.16.2
Minor enhancement allowing customization of the propagation delay/timeout for DNS challenge.
Full Changelog: https://github.com/caddyserver/certmagic/compare/v0.16.0...v0.16.1
This release is hopefully one of the last major tags before a more stable CertMagic 1.0. It includes a number of breaking changes (for the better, I promise) -- so please pay attention:
context.Context
passed in. We also added it to CleanUpOwnLocks()
and several other functions that end up calling Storage methods (e.g. CacheUnmanagedTLSCertificate()
). Your editor, in combination with gopls (the Go language server) should be able to quickly tell you where context is missing.fs.ErrNotExist
if a file or key is not found, instead of certmagic.ErrNotExist
, which has been removed. (The io/fs
package did not exist when CertMagic was first written.)ACMEManager
has been renamed to ACMEIssuer
, and CertificateManager
has been renamed to Manager
. These renames make naming more consistent and accurate, and less confusing (since ACMEManager was not a CertificateManager, which is a new type).I have personally submitted PRs to the more popular known storage implementations as a courtesy to help deal with the breaking changes.
The nuances of the logic in preparing for DNS challenges have changed slightly, hopefully it will work in more environments.
Thanks to all who contributed! Sorry for any inconvenience with the breaking changes; that's the joy of pre-1.0 libraries. We're almost there, though. It's been 5 years and we might finally be starting to get good at things.
Full Changelog: https://github.com/caddyserver/certmagic/compare/v0.15.4...v0.16.0
Full Changelog: https://github.com/caddyserver/certmagic/compare/v0.15.3...v0.15.4
Enhanced OCSP stapling support. Fixed automatic replacement of revoked certificates for on-demand certificates and some other edge cases.
Full Changelog: https://github.com/caddyserver/certmagic/compare/v0.15.2...v0.15.3
Minor tweaks and a minor bug fix.
This release improves use at large scale:
NextProtos
needs to be set by you on a tls.Config
if you are not using a CertMagic function that serves an application on top of TLS. In other words, if you're not using the HTTPS()
function, you should set NextProtos
to the proper values for your application. (This is not new, nor a change. Just a helpful note in the docs.)ManageSync()
to take a context.Context
as the first argument, so that synchronous operations can also be cancelled and cleaned up. This is a breaking change that may affect a small subset of users.Fixes and improvements for some edge cases.
A few fixes and enhancements:
ObtainCert()
and RenewCert()
have been split into Sync
and Async
versions, similar to ManageSync()
and ManageAsync()
, to bring consistency to the exported API, as well as to make room for...RenewCert*()
methods. This will renew a certificate even if it is not expiring.Minor bug fix and dependency upgrade.