PowerShell module and ACME client to create certificates from Let's Encrypt (or other ACME CA)
Domain
parameter causing errors with some ACME servers. Identifiers will now be deduplicated prior to being saved and sent to the ACME server. (#517)WSHDelayAfterStart
param to the WebSelfHost plugin which adds a configurable delay between when the challenge listener starts up and when it asks the ACME server to validate the challenges. (#518)HurricaneElectric
plugin that uses the DynDNS API instead of web scraping. (Thanks @jbrunink)CSRPath
parameter in New-PAOrder
and New-PACertificate
will now accept the raw string contents of a CSR file instead of just the path to a file. (#503)Simply
plugin has been renamed to SimplyCom
at the request of the provider. The new version is exactly the same. The old version will remain until the next major release. Users should update their renewal configs to use the new version to prevent future breakage. Set-PAOrder -Plugin SimplyCom
Route53
plugin now uses IMDSv2 when using the IAM Role support. (#509)POSHACME_HOME
environment variable now supports Windows-style (surrounded by %
) environment variable expansion. (#497)
%ProgramData%\Posh-ACME
instead of needing to set it explicitly to C:\ProgramData\Posh-ACME
for example.AZAccessToken
parameter set. (#498)RevocationReasons
enum from a .NET type to a PowerShell native enum.Revoke-PACertificate -Reason
parameter work exactly the same as before.DDNSNameserver
parameter is no longer mandatory in the RFC2136 plugin which will make nsupdate try to use whatever primary nameserver is returned from an SOA query.Set-PAServer
with no params (#475)-Subject
parameter to New-PACertificate
, New-PAOrder
, and Set-PAOrder
which will override the default x509 Subject field in the certificate request sent to the ACME CA. This can be useful for private CAs that allow for additional attributes in the Subject that public CAs don't.KasPwd
parameter actually send plaintext since All-Inkl has deprecated the SHA1 option.