Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

dehydrated-0.7.0-3.2 RPM for noarch

From OpenSuSE Ports Tumbleweed for noarch

Name: dehydrated Distribution: openSUSE:Factory:zSystems
Version: 0.7.0 Vendor: obs://
Release: 3.2 Build date: Sun Jun 6 21:59:33 2021
Group: Unspecified Build host: s390zp21
Size: 183101 Source RPM: dehydrated-0.7.0-3.2.src.rpm
Summary: A client for signing certificates with an ACME server
This is a client for signing certificates with an ACME server
(currently only provided by letsencrypt) implemented as a relatively
simple bash-script.

It uses the openssl utility for everything related to actually
handling keys and certificates, so you need to have that installed.

Other dependencies are: curl, sed, grep, mktemp (all found on almost
any system, curl being the only exception).






* Tue Mar 30 2021 Marcus Rueckert <>
  - Enable instantiated services (boo#1184165)
* Mon Mar 29 2021 Marcus Rueckert <>
  - Prepare instantiated service/timer support but not enable it:
    This seems to fail due to missing systemd support right now.
    So the only option at the moment is to copy the timer and unit
    file for a 2nd instance. Mark all files as part of
* Mon Mar 29 2021 Marcus Rueckert <>
  - Rework support for /etc/dehydrated/postrun-hooks.d/:
    dehydrated.service nolonger starts them directly, the support was
    moved to a separate unit file. Please run:
    systemctl enable dehydrated-postrun-hooks.service
    to restore this functionality
  - Run dehydrated as dehydrated user again
* Mon Mar 29 2021 Marcus Rueckert <>
  - Do not use the full path for config.d in the config files, which
    will simplify implementing multi instance support.
* Mon Mar 29 2021 Marcus Rueckert <>
  - Added more-examples.patch:
    Explain how we can have per certificate key algorithms
* Sun Mar 14 2021 Olav Reinert <>
  - Add directory where cleanup can archive unused certificates
* Wed Mar 03 2021 Daniel Molkentin <>
  - Clarified new default settings. KEY_ALGO=secp384r1. Please consult
    README.maintainer for details and how to return to RSA-based certificate
    issuance. (jsc#ECO-3435, jsc#SLE-15909)
  - Added a note about ACMEv1 deprecation
  - Added a note on new ACME providers and the new non-URL provider syntax
    See README.maintainer for details.
* Thu Dec 10 2020 Daniel Molkentin <>
  - Update to dehydrated 0.7.0 (JSC#SLE-15909)
      Support for external account bindings
      Special support for ZeroSSL
      Support presets for some CAs instead of requiring URLs
      Allow requesting preferred chain (--preferred-chain)
      Added method to show CAs current terms of service (--display-terms)
      Allow setting path to domains.txt using cli arguments (--domains-txt)
      Added new cli command --cleanupdelete which deletes old files instead of archiving them
      No more silent failures on broken hook-scripts
      Better error-handling with KEEP_GOING enabled
      Check actual order status instead of assuming it's valid
      Don't include keyAuthorization in challenge validation (RFC compliance)
      Using EC secp384r1 as default certificate type
      Use to parse JSON
      Use account URL instead of account ID (RFC compliance)
      Dehydrated now has a new home:
      Added OCSP_FETCH and OCSP_DAYS to per-certificate configurable options
      Cleanup now also removes dangling symlinks
* Thu Nov 19 2020 Daniel Molkentin <>
  - dehydrated-apache2: Check for mod_compat (bsc#1178927)
* Mon Sep 14 2020 Daniel Molkentin <>
  - Reenable nginx subpackage for factory
* Mon Jun 29 2020 Daniel Molkentin <>
  - Update maintainer file and package description, remove features
    that are better described in the (upstream maintained) man page.
* Mon Jun 29 2020 Daniel Molkentin <>
  - Remove potentially harmful scriptlet (bsc#1154167). Documented
    transition case in the maintainer README. Unlikely enough. The
    versions that have not transitioned yet would be broken for more
    than two years now.
* Wed May 06 2020 Daniel Molkentin <>
  - Removed lighttpd 1.x integration package. If you still would like
    to use lighttpd with dehydrated, follow the instructions in the
    README.maintainers file.
* Mon Apr 20 2020 Daniel Molkentin <>
  - Fix lighttpd config file (boo#1169834)
  - Provide nginx subpackage for SLE 15+ (jsc#SLE-11727)
* Mon Feb 03 2020 Dominique Leuenberger <>
  - Drop systemd BuildRequires: pkgconfig(systemd) is already in
    place and is synonymous.
* Thu Oct 17 2019 Richard Brown <>
  - Remove obsolete Groups tag (fate#326485)
* Sat Aug 10 2019 Daniel Molkentin <>
  - Behavioral change: Use cron only for older RHEL/CentOS versions
    (along with SLE < 12.0). Everything else now uses systemd.
    Please adopt accordingly! Refer to for
* Wed Jun 26 2019 Daniel Molkentin <>
  - Update to dehydrated 0.6.5
    * Fixed broken APIv1 compatibility from last update
* Tue Jun 25 2019 Daniel Molkentin <>
  - Update to dehydrated 0.6.4
    * Fetch account ID from Location header instead of account json (bsc#1139408)
  - Update to dehydrated 0.6.3
    * OCSP refresh interval is now configurable
    * Implemented POST-as-GET
    * Call exit_hook on errors (with error-message as first parameter)
    * Initial support for tls-alpn-01 validation
    * New hook: sync_cert (for syncing certificate files to disk, see example
      hook description)
    * Fetch account information after registration to avoid missing account id
* Tue Jan 22 2019 Daniel Molkentin <>
  - Remove RandomizedDelaySec attribute for distros with older systemd
* Fri Apr 27 2018
  - Update to dehydrated 0.6.2
    * removes 0001-fixed-CA-url-in-example-config.patch
    * removes 0002-don-t-walk-certificate-chain-for-ACMEv2-certificate-.patch
    * New deploy_ocsp hook
    * Allow account registration with custom key
    * Don't walk certificate chain for ACMEv2 (certificate contains chain by default)
    * Improved documentation on wildcards
    * Added workaround for compatibility with filesystem ACLs
    * Close unwanted external file-descriptors
    * Fixed JSON parsing on force-renewal (bsc#1091216)
    * Fixed cleanup of challenge files/dns-entries on validation errors
    * A few more minor fixes
* Thu Mar 15 2018
  - Don't add intermediate certificates twice when using ACMEv2 (bsc#1085305)
    * Adds 0002-don-t-walk-certificate-chain-for-ACMEv2-certificate-.patch
* Wed Mar 14 2018
  - Fix issues introduced by 0.6.1 (bsc#1085305)
    * bring back man page
    * reflect new endpoint in (commented out) config file section
      (adds 0001-fixed-CA-url-in-example-config.patch, backported
      from upstream's master branch)
* Tue Mar 13 2018
  - Updated dehydrated to 0.6.1 (bsc#1084854)
    * Use new ACME v2 endpoint by default
* Mon Mar 12 2018
  - Updated dehydrated to 0.6.0 (bsc#1084854)
    * Challenge validation loop has been modified to loop over authorization identifiers instead of altnames (ACMEv2 + wildcard support)
    * Removed LICENSE parameter from config (terms of service is now acquired directly from the CA directory)
    * Support for ACME v02 (including wildcard certificates!)
    * New hook: generate_csr (see example hook script for more information)
    * Calling random hook on startup to make it clear to hook script authors that unknown hooks should just be ignored...
* Mon Jan 15 2018
  - Remove redundant noarch entries. They cause an error in RPM 4.14.
* Mon Jan 15 2018
  - Updated dehydrated to 0.5.0
    This removes the following patches and files, which are now part of the
    upstream package:
    * 0001-Add-optional-user-and-group-configuration.patch
    * 0002-use-nullglob-disable-warning-on-empty-CONFIG_D-direc.patch
    * dehydrated.1: the man page has been adopted by upstream
    Starting with this version, upstream introduced signed releases, which
    is now being used for source validation.
    Upstream changes:
    * Certificate chain is now cached (CHAINCACHE)
    * OpenSSL binary path is now configurable (OPENSSL)
    * Cleanup now also moves revoked certificates
    * New feature for updating contact information (--account)
    * Allow automatic cleanup on exit (AUTO_CLEANUP)
    * Initial support for fetching OCSP status to be used for OCSP stapling
    * Certificates can now have aliases to create multiple certificates with
      identical set of domains (see --alias and domains.txt documentation)
    * Allow dehydrated to run as specified user (/group). This was already
      available previously as a patch to this package.



Generated by rpm2html 1.8.1

Fabrice Bellet, Wed Nov 24 23:56:42 2021