Cert Warden v0.24.4

[v0.24.4] - 2025-02-03

The porkbun API url changed and requires an update. I am taking this opportunity
to rip the bandaid off and update all dependencies. Please report any issues.

Fixed

• Fix PorkBun API URL (through dependency update).
• Fixed error with duplicate element id on PaG page.
• Don't show change password widget for non-local user.
• Fix config docs regarding the removed frontend_show_debug_info item.

Changed

• Update Go to 1.23.5.
• Update Node to 18.20.6.
• Update Alpine to 3.21.
• Update acme.sh to 3.1.0.
• Update all other backend and frontend dependencies.

Cert Warden v0.24.3

[v0.24.3] - 2025-01-26

More minor tweaks, polish, and fixes.

Added

• Add ability to view the entire ACME Server's directory response in the frontend
  when the frontend debug info toggle is enabled.

Fixed

• Fix issue where multiple orders or multiple domains on one order could fail
  to validate due to the ACME Server finding the previous value for the expected
  record. This adds a 60 second delay before re-using a previously used resource.
• Fix frontend navigation links related to Providers.

Changed

• Frontend debug option was removed from environment config. Instead it
  is stored in the user's browser and can be toggled on the Settings page.

Cert Warden v0.24.2

[v0.24.2] - 2025-01-20

Very minor tweaks, polish, and fixes.

Added

• Add account select and display of account information on the Debug
  PaG page.
• Add debug log of kid on ACME signed POSTs.
• Indent debug PaG json.
• Add help link to Debug PaG page.

Fixed

• Don't require EAB fields to be populated for Account registration. If
  an Account was previously registered it will already be bound and thus
  does not need to be bound again.
• If Debug PaG URL has an invalid account id, page will redirect to the
  Accounts page.

Cert Warden v0.24.1

[v0.24.1] - 2025-01-15

Bug fixes.

Added

• Add link to the debug PaG page in frontend (rather than only having it
  as a hidden page accessible only via typing in the URL path).

Fixed

• Fix change password functionality for local admin user.
• Fix error checking when evaluating if an ACME Server returned an ACME
  type error. This really wasn't causing issues but was discovered while
  working with the new Debug PaG page.
• Fix frontend PaG page so an ACME Server error is not returned as an
  error to the frontend. Instead frontend should receive an OK response
  containing information about the ACME Server error response.

Cert Warden v0.24.0

[v0.24.0] - 2025-01-11

This release adds a number of new features and fixes.

Added

• Add OIDC suuport.
• Added tracking of last API access for keys and certs.
• Added /v1/acmeaccounts/:id/post-as-get route and a hidden frontend
  page. The form allows using PaG to a resource for troubleshooting
  purposes.
• Add language detection efforts for Accept-Language header. Always include
  sane fallback and default values.

Fixed

• Couple of dependency updates related to security.
• Improve some error messages relating to directory fetching.
• Improve validation of acme-dns config.
• Make frontend explicitly check session expiration at login. This fixes
  an issue where clock skew makes the login succeed but then returns
  the user to the login page.

Changed

• Change frontend date/time to show the date and a tooltip that includes
  the time.
• Increase access token validity to 4 minutes, up from 2 minutes.
• Remove custom http.Client package. Instead, use a custom round tripper
  to accomplish the same thing.
• Overhaul auth package functionality.

Removed

• Remove all references to old application name and remove all backward
  compatibility.

Cert Warden v0.23.0

[v0.23.0] - 2024-12-07

This release adds a few new features.

Added

• Add PFX download route (https://www.certwarden.com/docs/using_certificates/api_calls/#get-pkcs12-pfxp12-with-certificate-chain-and-private-key).
• Add challenge domain aliases (https://www.certwarden.com/docs/user_interface/providers/#domain-aliases).
• Add more detailed error messages and display them to the user.

Cert Warden v0.22.3

[v0.22.3] - 2024-11-26

Minor updates and fixes.

Added

• Log error when failing to write the env.js file.
• Add some initial code for alias support.
• Add oath-toolkit-oathtool dep for acme.sh.

Fixed

• Fix possible nil deref when serving the https certificate.
• Update gomarkdown pkg to address alert.
• Update goland-jwt pkg to address alert.

Changed

• Update to go version 1.23.3.
• Update to node version 18.20.5.
• Update acme.sh to version 3.0.9.
• Set default env.js to the actual defaults. Some users have run into issues
  writing this file, so this will bandaid the situation somewhat.

Cert Warden v0.22.2

[v0.22.2] - 2024-09-29

Update Vite to address some security issues.

Cert Warden v0.22.1

[v0.22.1] - 2024-09-07

The auto ordering logic was updated to make Cert Warden more friendly to all ACME
servers (instead of focusing on Let's Encrypt). Renewal time is now calculated
based on the percentage of a certificate's validity that is remaining instead of
a static number of days. A tooltip was added to easily see this information in the
Dashboard. Eventually the ACME Renewal Information (ARI) Extentsion will be used
but since the relevant spec is not yet finalized, I have chosed to not implement
it yet.

Added

• Add tooltip on frontend Dashboard when hovering over the days until expiration.
  Tooltip shows percentage of validity remaining and the anticipated automatic
  renewal date.

Fixed

• Updated grpc dependency on backend. I don't believe the issue actually
  impacts Cert Warden but the update was done anyway.

Changed

• Change auto ordering (i.e., renewal) logic. Instead of a fixed number of
  days remaining, calculate when 1/3 of the certificate's validity remains
  and then place the new order. For extremely short dated certificates, a
  backstop value of 10 days is used and if validity drops below that regardless
  of percentage, a new order will be placed.
• Update frontend expiration days coloring to match the same logic as backend.
  Warning color is used when a cert is within a week of renewal and red is used
  when renewal is imminent or overdue.
• Convert backend Order object time int members to time.Time.
• Overhaul frontend Flag component to separate logic out for different flags.
• Update pagination package so default value will return all results from the db.
• Update axios to 1.7.4 and vite to 5.4.0.
• Tighten some linting rules and lint accordingly.
• Use math/rand/v2 in safecert package.

Removed

• Remove valid_remaining_days_threshold config option in favor of new
  certificate renewal logic.
• Remove some dead validTo/validFrom code in backend.

Cert Warden v0.22.0

[v0.22.0] - 2024-07-11

Important

Old API routes using the /legocerthub prefix were previously
deprecated but are now completely removed. Anything still using the
old routes after upgrade will break.
Additionally, the legocerthub docker builds will no longer be
updated. Builds starting with this version will only be posted under
certwarden on both GitHub and DockerHub.

This release removes some old remnants of LeGo CertHub and also adds some
minor features.

Added

• Add ability to specify the desired Root Certificate for a certificate.
  This option was added under the CSR of a Certificate and behaves the
  same way as Certbot's --preferred-chain flag.
• Add confirmation dialog for certificate order revocation. Additionally,
  the confirmation dialog allows specifying a recovation code.
• Add a button on the frontend edit account screen to easily copy the
  account URL.

Fixed

• Fix footer theme icon to correctly use my custom component.

Changed

• Changed orders table to show the root cert's Common Name moving
  forward. Since this information was not parsed in previous versions,
  it will not be displayed on existing orders, only on orders fulfilled
  in this version and later.

Removed

• Remove old /legocerthub redirect routes. This will break anything
  still using the old routes.
• Disable posting of new docker builds under the old legocerthub
  name.