certbot-nginx 2.5.0

Certbot 2.5.0

on Python PyPI

Added

• acme.messages.OrderResource now supports being round-tripped
  through JSON
• acme.client.ClientV2 now provides separate begin_finalization
  and poll_finalization methods, in addition to the existing
  finalize_order method.

Changed

• --dns-route53-propagation-seconds is now deprecated. The Route53 plugin relies on the
  GetChange API
  to determine if a DNS update is complete. The flag has never had any effect and will be
  removed in a future version of Certbot.
• Packaged tests for all Certbot components besides josepy were moved inside
  the _internal/tests module.

Fixed

• Fixed renew sometimes not preserving the key type of RSA certificates.
  • Users who upgraded from Certbot <v1.25.0 to Certbot >=v2.0.0 may
    have had their RSA certificates inadvertently changed to ECDSA certificates. If desired,
    the key type may be changed back to RSA. See the User Guide.
• Deprecated flags were inadvertently not printing warnings since v1.16.0. This is now fixed.

More details about these changes can be found on our GitHub repo.