1.1.0-beta.81

Changes

See v1.1.0-beta.73...v1.1.0-beta.81 for a list for complete changes since the last beta release.

See v1.0.1...v1.1.0-beta.81 for a list for complete changes since the last stable release.

Notes

Packages have been posted to these feeds:

NuGet.org

https://nuget.org/packages/LettuceEncrypt/1.1.0-beta.81
https://nuget.org/packages/LettuceEncrypt.Azure/1.1.0-beta.81

GitHub Package Registry

https://github.com/natemcmaster?tab=packages&repo_name=LettuceEncrypt

1.0.1

https://www.nuget.org/packages/LettuceEncrypt/1.0.1
https://www.nuget.org/packages/LettuceEncrypt.Azure/1.0.1

Changes:

• 62273c0 Upgrade package version to 1.0.1
• c8f17c3 fix: detect KestrelServer in net5 (#159)

This list of changes was auto generated.

1.1.0-beta.73

Changes:

• a871f3f Resolve ILogger in AcmeCertificateFactory #125
• 54397dc build(deps): bump Moq from 4.14.3 to 4.14.4
• e8d044f build(deps): bump Moq from 4.14.1 to 4.14.3
• 4ff0917 Change default branch to 'main' (#120)
• db58d21 build(deps): bump Microsoft.AspNetCore.Server.Kestrel.Core

This list of changes was auto generated.

1.1.0-beta.60

Changes:

• b9ec34c build(deps): bump xunit.runner.visualstudio from 2.4.1 to 2.4.2
• 93926b8 refactor: split startup state into a state for awaiting renewal and another for beginning the creation of a certificate
• 4c68d81 refactor: begin to refactor ACME certificate generation into the state pattern
• b684577 refactor: extract external calls to ACME server into a class (#111)
• 64c2c0f feature: add API to configure LettuceEncrypt when also calling 'UseKestrel' to configure its HTTPS defaults or endpoints (#109)
• 24a265a fix: workaround bug in Windows SSL stream when generating temporary self-signed certs [ dotnet/runtime#23749 ]
• 239c503 feature: create abstraction for SNI certificates in Kestrel
• 1d8502c Bump version to 1.1.0
• 897e6e7 Update Microsoft.Extensions.DependencyInjection.Abstractions to 2.1.1
• 139aa40 build(deps): [security] bump Microsoft.AspNetCore.Server.Kestrel.Core

See More

• 29537c5 build(deps): bump Moq from 4.13.1 to 4.14.1
• 227df7f build(deps): bump Certes from 2.3.3 to 2.3.4
• c5edb7e build(deps): bump coverlet.collector from 1.2.1 to 1.3.0
• cf45f4e Update README.md

This list of changes was auto generated.

1.0.0

First release under new name, LettuceEncrypt 🥬 . For details on the upgrade and why the project was renamed, see #99.

https://www.nuget.org/packages/LettuceEncrypt/1.0.0
https://www.nuget.org/packages/LettuceEncrypt.Azure/1.0.0

Thanks to the project's contributors for your help!

Feature

• @natemcmaster - store account information in Azure Key Vault when it is configured to also store certificates (#96)
• @natemcmaster - support configuring Azure Key Vault settings from appsettings.json under the 'LettuceEncrypt:AzureKeyVault' section (022d588)
• @natemcmaster - make public the API for configuring the directory URI to the ACME server (#97)

Bug fixes

• @Crypth - fix issue in fetching private keys from Azure Key Vault (#78)
• @natemcmaster - fix issues with saving certificates when running under a Linux system account (#82)
• @natemcmaster - fix issues with validating the certificate chain when using Let's Encrypt's staging server (c927cd2)

Changes:

• a6fcc13 docs: update release notes and prepare for 1.0.0 release
• bc58f60 refactor: rename interface to ICertificateAuthorityConfiguration
• 9086388 refactor: add public API for configuring certificate authority settings
• c927cd2 cleanup: add more logging and avoid duplicate checks of cert chain
• 2143e73 fix: suppress errors thrown when certificate chain is invalid and warnings about self-signed certs
• 022d588 feature: support config binding for Azure Key Vault settings
• 057c076 refactor: extract code for creating Azure Key Vault clients into separate classes
• 15edef5 cleanup: run code formatter and fix typos
• b2eabac Add nullable annotations to publicapi doc
• 07db031 build(deps): bump Microsoft.CodeAnalysis.PublicApiAnalyzers

See More

• 1cdd53c feature: store the Let's Encrypt account in Azure KeyVault as a secret
• 587d3dc refactor: rename namespaces and class types for Azure KeyVault integration
• 12d43df cleanup: rename files to match class names
• 2740bba docs: update release notes
• ba91d19 docs: document API for customizing certificate and account storage and loading
• 4e4d7f9 build(deps): bump coverlet.collector from 1.1.0 to 1.2.1
• 60e8408 build(deps): bump Microsoft.NET.Test.Sdk from 16.4.0 to 16.6.1
• 58515d9 build(deps): bump System.Text.Json from 4.7.1 to 4.7.2
• fc88f53 fix: fetch cert and the private key from Azure Key Vault (#78)
• 139de52 Remove code signing (#85)
• 1cb9aaf Let's rename everything to LettuceEncrypt 🥬 (#84)
• a62c5ce fix: ensure failure in one cert repository doesn't prevent saving the cert to others

This list of changes was auto generated.

How to upgrade from 0.5.0

Step 1 - your .csproj file

Replace usage of the McMaster.AspNetCore.LetsEncrypt with LettuceEncrypt.

- <PackageReference Include="McMaster.AspNetCore.LetsEncrypt" Version="0.5.0" />
- <PackageReference Include="McMaster.AspNetCore.LetsEncrypt.Azure" Version="0.5.0" />
+ <PackageReference Include="LettuceEncrypt" Version="1.0.0" />
+ <PackageReference Include="LettuceEncrypt.Azure" Version="1.0.0" />

Step 2 - update appsettings.json

Use the "LettuceEncrypt" key now to configure options.

// appsettings.json
{
-    "LetsEncrypt": {
+    "LettuceEncrypt": {
        "AcceptTermsOfService": true,
        "DomainNames": [ "example.com", "www.example.com" ],
        "EmailAddress": "[email protected]",
    }
}

Step 3 - update your C# files

Find and replace all references to the 'McMaster.AspNetCore.LetsEncrypt' namespace with 'LettuceEncrypt'.

- using McMaster.AspNetCore.LetsEncrypt;
+ using LettuceEncrypt;

Also, you may need to update to use new type names and methods. You should be able to find/replace the word 'LetsEncrypt' with 'LettuceEncrypt'.

0.5.0

Thank you to those who contributed in this release!

https://www.nuget.org/packages/McMaster.AspNetCore.LetsEncrypt/0.5.0

Features:

• @mbican: Automatically renew certificates 30 days before expiration (PR #73)
• @natemcmaster: persist account information between server restarts (PR #67)
• @natemcmaster: (.NET Core 3+) support HTTPS-only config by implementing TLS/ALPN challenge validation (RFC 8737) (PR #76)

Bug fixes:

• @natemcmaster: fix bug in responding to HTTP challenges (PR #74)
• @dv00d00: workaround dotnet/aspnetcore#21183 by preloading intermediate CA certificates (PR #81)

Changes:

• e2d4c32 Update public API doc for 0.5.0 release
• 02da09d docs: update release notes to mention #81
• a6a35be fix: preload certs validation chain to avoid threadpool starvation while fetching intermediate certs (#81)
• 5bcd548 feature: implement TLS-ALPN-01 challenge verification (#76)
• 393cd86 docs: update release notes
• 0b0516d fix: don't try to create certificate twice when creating the cert fails on server startup
• 582b997 fix: wait for server to accept requests before triggering HTTP challenge validation
• 81b3274 docs: update release notes
• 983fc52 feature: auto renew certificates 30 days prior to expiration (#73)
• 06399cd Add sponsors to README

See More

• 9dd5511 refactor: extract code for checking terms of service to separate class
• bde3aca feature: store account information across server restarts
• 6ef1397 cleanup: update launchSettings.json
• 50dc13f refactor: move internal API 'GetAcmeServer' to different class
• 87fa005 Update version to 0.5.0

This list of changes was auto generated.

0.4.0

Big thanks to @twsouthwick for adding support for Azure Key Vault! Check it out here: https://www.nuget.org/packages/McMaster.AspNetCore.LetsEncrypt.Azure

Instructions: https://github.com/natemcmaster/LetsEncrypt#save-generated-certificates-to-azure-key-vault

Changes:

• 4dddc17 docs: update README, API docs, and release notes for 0.4.0
• 483bf97 Make PersistCertificatesToAzureKeyVault imply load and saving certs with Azure Key Vault (#58)
• 45ff4cb fix: load certs from directory when PersistDataWithDirectory is used (#59)
• c0ddf98 tests: skip tests in CI on Windows that add certs to the X509 store
• 090513d cleanup: remove ICertificateStore in favor of ICertificateSource [ #24 ]
• e97b8cf cleanup: make X509CertStore implement ICertificateSource
• 17c0f47 feature: add Azure KeyVault certificate storage and retrieval (#49)
• d1deb2c Update version to 0.4.0

This list of changes was auto generated.

0.3.0

The main feature of this release is support for customizing where certificates are stored. See #4 for an overview, as well as the updated README.

Changes:

• eecf8dd Prepare for 0.3.0 release
• 99b588c refactor: rename API to 'PersistDataToDirectory' to accommodate more kinds of data to be stored in the future
• 3ba5587 Update README.md
• a383c17 cleanup: fix suppressed code warning about nullable references
• 3c0e143 refactor: cleanup implementation of ACME server selection
• 452f25e fix: allow password-less .pfx files to be saved to disk
• 987f2c8 test: add tests for http challenge response middleware (#45)
• f1f3059 fix: always use the certificate with the longest lifespan
• 1aefddb refactor: change DeveloperCertLoader to implement ICertificateSource (#43)
• d6364bb refactor: read domain names from the X509Cert object (#42)

See More

• c343238 refactor: add internal abstraction for finding and loading certificates on startup (#41)
• 95b4df5 infra: add issue templates and config for github bots (#37)
• 3fd5ac9 refactor: update X509CertStore to implement ICertificateRepository (#40)
• 2980571 infra: update tests to .NET Core 3.1
• 90033e4 infra: add CI for macOS
• 23f496e test: add Coverlet
• 9ae5116 feat: add cancellation token to ICertificateRepository.SaveAsync (#38)
• 31b2d88 test: add unit tests for X509CertStore (#36)
• 53a822a Update package to 0.3.0 and embed icon (#35)
• a07d1d7 feature: add API to persist certificates to disk [ #4 ]
• b9684a4 Clarify supported web server scenarios in README (#33)
• dffce14 Document the security policy for this project (#30)
• 4a6362e Update contributing guide and move testing instructions to separate file (#28)
• 21e55bd Run code cleanup

This list of changes was auto generated.

0.2.0

0.1.0 and earlier versions depend on LetsEncrypt protocol v1, which is beginning its first phase of shutdown in November 2019. Upgrade to 0.2.0 or newer which has been updated to use the new v2 protocol.

See https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430 for details on the end-of-life plan for ACME v1.

Changes:

• dd50747 Update release notes and prepare for 0.2.0 release
• 35ee8e3 feature: update internals to use the ACME v2 protocol (#23)
• 032ff44 Update releasenotes.props
• e438989 feature: add API to configure the algorithm for generating a private key (#25) [ #20 ]
• 7f1f225 fix: don't try to load certificates when using IIS out-of-process hosting
• c1af99a fix: null reference exception when loading HTTPS without a domain name [ #19 ]
• d683367 Bump Microsoft.NET.Test.Sdk from 16.0.1 to 16.3.0 (#16)
• b1f8e04 cleanup: go back to using regular release pipelines
• e5b21ec Update Directory.Build.props
• b5263e0 Update README.md

See More

• 459939b Update Directory.Build.props
• 71ea8d8 Add more package metadata

This list of changes was auto generated.

0.1.0

Initial release! Enjoy security your website :) 🔐

You can get this package from https://www.nuget.org/packages/McMaster.AspNetCore.LetsEncrypt/0.1.0