- Updated README.md with new directives and howto.
- New directives "MDCertificateFile" and "MDCertificateKeyFile" that allow defining
Managed Domains for certificates coming from somewhere else. - "MDRenewMode" is the new name of "MDDriveMode" (which is still available for
backward compatibility). This should make it easier to understand what it does. - Removing some fields form the store MD JSON, now that we can inspect the pubcert itself
all the time. Less store updates. - Dropped support for the pre-v1.x function that mod_ssl used in ancient patches.
- public cert chain now gets cached in memory before server drops privileges, so we always
have access to it. Allowed to drop some pre-computed values such as the SHA256 fingerprint. - Adding "" as a shortcut to "". It just reads that much better.
- More "how to"s in README.md
MDPortMap
directive now also acceptshttp
andhttps
as external ports.http:8888
would
mean that http requests from the internet arrive on local port 8888.- Started "how to"s in README.md
- MDRequireHttps handler now runs after mod_ssl, so that it can report SSL errors before.
- All GET requests against an ACMEv2 endpoint (except directory and nonce retrievals), are
now made as POST with an empty, JWS signed body. See
https://community.letsencrypt.org/t/acme-v2-scheduled-deprecation-of-unauthenticated-resource-gets/74380
for the necessity of this API change at LetsEncrypt.