mirror of
https://github.com/certbot/certbot.git
synced 2026-01-26 07:41:33 +03:00
821bec6997
This PR is a part of the tls-sni-01 removal plan described in #6849. This PR removes --tls-sni-01-port, --tls-sni-01-address and tls-sni-01/tls-sni options from --preferred-challenges. They are replace by deprecation warning, indicating that these options will be removed soon. This deprecation, instead of complete removal, is done to avoid certbot instances to hard fail if some automated scripts still use these flags for some users. Once this PR lands, we can remove completely theses flags in one or two release. * Remove tls-sni related flags in cli. Add a deprecation warning instead. * Adapt tests to cli and renewal towards tls-sni flags deprecation * Add https_port option. Make tls_sni_01_port show a deprecation warning, but silently modify https_port if set * Migrate last items * Fix lint * Update certbot/cli.py Co-Authored-By: adferrand <adferrand@users.noreply.github.com> * Ensure to remove all occurences of tls-sni-01 * Remove unused parameter * Revert modifications on cli-help.txt * Use logger.warning instead of sys.stderr * Update the logger warning message * Remove standalone_supported_challenges option. * Fix order of preferred-challenges * Remove supported_challenges property * Fix some tests * Fix lint * Fix tests * Add a changelog * Clean code, fix test * Update CI * Reload * No hard date for tls-sni removal * Remove useless cast to list * Update certbot/tests/renewal_test.py Co-Authored-By: adferrand <adferrand@users.noreply.github.com> * Add entry to the changelog * Add entry to the changelog
23 lines
896 B
INI
23 lines
896 B
INI
# This is an example of the kind of things you can do in a configuration file.
|
|
# All flags used by the client can be configured here. Run Certbot with
|
|
# "--help" to learn more about the available options.
|
|
#
|
|
# Note that these options apply automatically to all use of Certbot for
|
|
# obtaining or renewing certificates, so options specific to a single
|
|
# certificate on a system with several certificates should not be placed
|
|
# here.
|
|
|
|
# Use a 4096 bit RSA key instead of 2048
|
|
rsa-key-size = 4096
|
|
|
|
# Uncomment and update to register with the specified e-mail address
|
|
# email = foo@example.com
|
|
|
|
# Uncomment to use the standalone authenticator on port 443
|
|
# authenticator = standalone
|
|
|
|
# Uncomment to use the webroot authenticator. Replace webroot-path with the
|
|
# path to the public_html / webroot folder being served by your web server.
|
|
# authenticator = webroot
|
|
# webroot-path = /usr/share/nginx/html
|