github fabriziosalmi/certmate v2.6.6
v2.6.6 - close #193: 4 cleanup points from v2.5.5 key-options review
on GitHub

latest releases: v2.6.8, v2.6.7
2 hours ago

Closes #193. Four atomic commits cleaning up follow-up points from the v2.5.5 (PR #156) review. No behaviour change visible to operators; one tiny information-disclosure tightening on the API.

What landed

  • test(key-options): stale docstring fixed (the test rejected rsa+1024, not rsa+curve as the docstring claimed) + new test pins the deliberate soft-validate contract (inactive field stashed verbatim so the UI doesn't lose values on RSA <-> ECDSA toggles).
  • fix(api): key-options validation now runs AFTER the domain scope check on the cert-create endpoint. Out-of-scope callers can no longer probe field-specific 400 messages for domains they cannot see.
  • fix(api): per-cert key_type/key_size/elliptic_curve no longer persisted as dead state in settings.json. Renewals preserve shape via certbot's own renewal/<domain>.conf.
  • refactor(settings): _SECRET_KEYS regex + _NON_SECRET_KEYS allowlist hoisted to module scope (was rebuilt per GET).

Closes #193.

Check out latest releases or
releases around fabriziosalmi/certmate v2.6.6

Don't miss a new certmate release

NewReleases is sending notifications on new releases.

Get notifications