0.8.0

The 0.8 release contains substantial changes to make the API more modular. It integrates full support for ACME Renewal Information (ARI, recently standardized as RFC 9773). Since the 0.7.2 release, @cpu has joined the team and made many important contributions, including integration tests against the Pebble test server.

New features

• Add support for the profiles extension draft (see #98)
• Add support for the renewal information extension (see #85)
• Add support for IP address identifiers (#97)
• Add support for account and authorization deactivation (see #89)
• Add support for account key rollover and contact information update (see #100)
• Add support for subproblems (see #81)
• Add support for device attestation draft (experimental) (see #126)

Breaking API changes

• Use a builder setup to build accounts via Account::builder() or Account::builder_with_http() (see #110)
• NewOrder values must be created through a builder as well (via NewOrder::new())
• Authorizations can now be accessed via a stream-like API available through Order::authorizations() (see #92)
• Integrated API to poll order readiness and certificate, with configurable retry policy (see #108, #121)

When upgrading, consider reviewing the current version of our example code.

What's Changed

• Clarify documentation on external account key encoding by @djc in #73
• Start implementing Pebble-based integration testing by @cpu in #74
• pebble: improve test environment, test DNS-01 and TLS-ALPN-01 challenge types by @cpu in #77
• Extract Order::poll() method by @djc in #78
• README: small tweaks by @cpu in #82
• Implement RFC 8555 §6.7.1 subproblems by @cpu in #81
• Add Pebble integration test external account binding (EAB) coverage by @cpu in #83
• Fix authorization reuse in provision.rs and the Pebble integration tests by @cpu in #86
• Implement ACME Renewal Information (ARI) by @cpu in #85
• docs: add missing cargo features by @cpu in #87
• Switch default crypto provider from ring to aws-lc-rs by @djc in #88
• Add authorization and account deactivation by @cpu in #89
• Scope API to wrapper types by @djc in #92
• Add simplified Order::finalize() method by @djc in #95
• lib: enforce ARI order state includes replaces by @cpu in #96
• Add RFC 8738 IP address identifiers by @cpu in #97
• Profiles by @djc in #98
• probem details from challenge object by @christianhoelzl in #101
• Acme account features by @christianhoelzl in #100
• Yield error state from Order::poll() if set by @djc in #102
• ci: switch back to pre-built Pebble by @cpu in #106
• docs: update ARI draft refs to RFC 9773 by @cpu in #107
• Encapsulate retry policy in a type by @djc in #108
• Use rustls-platform-verifier in the default client by @djc in #111
• Use builder pattern for Account creation by @djc in #110
• Add support for Retry-After headers in poll() by @djc in #109
• Apply suggestions from clippy 1.88 by @djc in #116
• Add support for loading existing accounts from key by @djc in #120
• Upgrade to rcgen 0.14 by @djc in #122
• Yield Break from RetryState::wait() on last iteration by @djc in #119
• Add Account::key_thumbprint() for convenience by @rickhan in #124
• Rename server_url to directory_url by @djc in #123
• poll certificate function by @christianhoelzl in #121
• extend renewal_info() to yield retry-after header by @christianhoelzl in #125
• ci: add external types and semver compat checks by @cpu in #130
• account: support default client w/ custom root CA by @cpu in #131
• introduce send_device_attestation() for device-attest-01 challenge by @christianhoelzl in #126