Publishing details
Changelog
lacme (0.8.3-1) unstable; urgency=high
* New upstream bugfix release.
+ Fix post-issuance validation logic. We avoid pining the intermediate
certificates in the bundle and instead validate the leaf certificate
with intermediates supplied during issuance as untrusted (used for chain
building only). Only the root certificates are used as trust anchor.
Not pining intermediate certificates is in line with Let's Encrypt's
latest recommendations.
Closes: #1072847
+ Pass `-in /dev/stdin` option to openssl(1) to avoid warning with OpenSSL
3.2 or later.
+ Fix test suite to account for Let's Encrypt's (staging) ACME server
changes.
* d/control: Update Standards-Version to 4.7.0 (no changes necessary).
-- Guilhem Moulin <email address hidden> Thu, 13 Jun 2024 17:56:33 +0200
Builds
Built packages
-
lacme
ACME client written with process isolation and minimal privileges in mind
-
lacme-accountd
lacme account key manager
Package files