This release improves use at large scale:
- Adjusted default internal throttle for ACME transactions from 20 every minute to 10 every 10 seconds. This should allow for higher throughput with busy clients without impacting CA networks too much.
- Clarified in the docs that
NextProtosneeds to be set by you on atls.Configif you are not using a CertMagic function that serves an application on top of TLS. In other words, if you're not using theHTTPS()function, you should setNextProtosto the proper values for your application. (This is not new, nor a change. Just a helpful note in the docs.) - Fixed a bug that affected a small subset of users with lots of on-demand certificates ( > 10,000) and some non-on-demand certificates that would cause the non-on-demand certificates to be evicted from the cache. They are now reloaded later if this happens. (Note: the non-on-demand certs must be managed; this won't work for manually-managed certs.)
- ⚠️ Changed
ManageSync()to take acontext.Contextas the first argument, so that synchronous operations can also be cancelled and cleaned up. This is a breaking change that may affect a small subset of users.