Enhancements
- The preliminary validation check for DNS validation plugins now queries one of the domain's authoritative name servers (just like Let's Encrypt does) rather than a public OpenDNS server. This was contributed by @davidpeden3 in #1053 and #1061. The
DnsServersetting still overrides this behavior, so that setting has to be emptied on existing installs to trigger this behavior. For new deployments it is default behavior. - It's now possible to have emails sent for successful renewals as well, using the
EmailOnSuccesssetting. They will be sent with low priority, whereas failures get a high priority flag. - There is a new setting called
DeleteStaleCacheFileswhich instructs the program to delete cached certificate files older than 120 days. Being that old they should be long-expired, meaning the renewals that once generated them have been cancelled or have at least been failing for a couple of months. Use with caution though, especially when you've pointed yourCertificatePathto some custom location!
Bug fixes
- #1048 - Some of the settings in
settings_default.configwere misnamed, reported by @qpple. - #1049 - When using the DnsScript plugin in interactive mode it was not possible to actually override the parameters for the delete script, reported by @Virinum
- #1050 - Fix non-fatal exception in the FTP and WebDav plugins
- #1051 - Fix failing DnsScript validation on specific token values (starting with
-) that would confuse the Powershell command line interpreter, reported by @highstrike - #1052 - Fix crash when using PemFiles store plugin for certificates with a wildcard as CommonName, reported by @highstrike
- #1056 - The failure notification email was not sent for every type of failure, reported by @kabilan-baskaran