Added
- Added certbot.ocsp Certbot's API. The certbot.ocsp module can be used to
determine the OCSP status of certificates. - Don't verify the existing certificate in HTTP01Response.simple_verify, for
compatibility with the real-world ACME challenge checks.
Changed
- Certbot will now renew certificates early if they have been revoked according
to OCSP. - Fix acme module warnings when response Content-Type includes params (e.g. charset).
- Fixed issue where webroot plugin would incorrectly raise
Read-only file system
error when creating challenge directories (issue #7165).
Fixed
More details about these changes can be found on our GitHub repo.