- case-insensitive parsing of location HTTP header field (#4)
- wait in several attempts for successful challenge validation instead of hard-coded 5 seconds (#5)
- store server and intermediate certificate together in one file (#6)
- using such chain files instead of configuring the intermediate separately is the easier and I assume more common setup nowadays
- that way, when intermediate certificate changes you don't need to adapt your configuration which makes Let's Encrypt integration easier
- use User-Agent header "bacme" for HTTP requests
- Let's Encrypt may send emails to you about the client software accessing them. For example they informed about clients still using ACMEv1 (not bacme). In such emails the user agent is mentioned.
- fixed bug when retrieving the challenge URL and token
- renamed from lecert to bacme to avoid Let's Encrypt trademark issues
- migrated to ACMEv2 API (RFC 8555)
- option -w/--webroot for automating the copying of token files to the DocumentRoot, either locally or remote via rsync
- Configurable list of multiple domain names (#1)
- adapted normal and debug output of script
- use http://keepachangelog.com formatting for this CHANGELOG
- manage private key file permissions so they are ownly owner-accessible at any time of their generation
- Load openssl.conf relative to script path (#2)
- renamed option -d/--debug to -v/--verbose
- automatic use of newest subscriber agreement URL
- logging
- initial version