Posh-ACME 4.5.0
New plugins, new revocation function, and misc fixes
Just shipped a new Posh-ACME release, version 4.5.0. There are new plugins for PCExtreme (called Aurora) and UKFast. There’s also a new dedicated function for certificate revocation called Revoke-PACertificate
.
The current revocation functionality is sort of hidden in Set-PAOrder -RevokeCert
and only really able to revoke certs that were obtained by the current Posh-ACME account. But the ACME protocol supports additional methods for revocation where all you need is the certificate and its private key even if you have lost access to the original account that requested it. The new function supports these additional methods. For example:
$certPath = '/path/to/cert.pem'
$keyPath = '/path/to/key.pem'
Revoke-PACertificate -CertFile $certPath -KeyFile $keyPath -Reason keyCompromise
Updated versions can be found in the PowerShell Gallery or GitHub. Installation instructions are in the Readme.
Changelog
- Added new DNS plugins
- Aurora for PCExtreme (Thanks @j81blog)
- UKFast (Thanks @Overglazed)
- Added new function
Revoke-PACertificate
which provides more options for cert revocation including the ability to revoke certs not created with other clients or ACME accounts if you have the private key. - Added
ManualNonInteractive
switch to the Manual plugin to suppress the interactive prompt after showing the TXT record details that need to be created. (Thanks @hhhuut) - Added additional guidance in the plugin dev guide.
- Optimized module load time by pre-caching native plugin details.
- Fixed support for IDN domains in Simply plugin (Thanks @Norskov)
- Fixed Azure plugin bug when DnsAlias matches the zone apex. (#348)
- Fixed Azure plugin to support IMDS auth within Azure Automation. (#349)
- Fixed tests for Pester 5.2