- PAOrder objects now have a flag to optionally use modern encryption options on generated PFX files. This will prevent the need to use "legacy" mode when reading the files with OpenSSL 3.x. However, it breaks compatibility with OpenSSL 1.0.x and earlier.
- You can use the
-UseModernPfxEncryption
flag withNew-PACertificate
,New-PAOrder
, andSet-PAOrder
. When used withSet-PAOrder
, existing PFX files will be re-written based on the flag's new value. - Use
Set-PAOrder -UseModernPfxEncryption:$false
to switch back to the default setting. - The default for new orders will likely remain off until Posh-ACME 5.x is released.
- You can use the
- Added new DNS plugin PortsManagement (Thanks @wemmer)
- The GCloud plugin has a new optional parameter,
GCProjectId
that takes one or more string values. This is only required if the DNS zones to modify don't reside in the same project as the service account referenced byGCKeyFile
or they reside in multiple projects. When used, be sure to include all project IDs including the one referenced byGCKeyFile
. - Added Google's new free ACME CA to the CA comparison doc
- Upgraded the embedded BouncyCastle library to 1.9.0
- Fixed UKFast plugin to support paging for accounts with many domains (Thanks @0x4c6565)
- Fixed PFX friendly name generation when not provided in the order.