Just shipped a new Posh-ACME release, version 4.0.0. This is a huge personal win for me that took far longer than I had originally intended. So I’m super excited to finally get it out the door.

Just shipped a new Posh-ACME release, version 3.20.0. The Azure plugin has been enhanced in this release thanks to @InKahootz and now supports targeting additional Azure cloud environments that support specific countries or governments. There are also some fixes for the Simply plugin.

Just shipped a new Posh-ACME release, version 3.19.0. There is a new DNS plugin for Simply which is ultimately just a clone of the existing UnoEuro plugin. The provider changed their name and their API endpoint, but it should function the same. DNSPod also changed their API recently and the plugin has been updated to account for those changes, but users will need to create and set an updated API key in their configs in order for renewals to continue working. Details are in the usage guide.

Just shipped a new Posh-ACME release, version 3.18.0. The highlight of this release is a plugin for DuckDNS. DuckDNS is a free, but troublesome provider to work with because their API only allows for a single TXT record to exist at a time. That means if you’re trying to get a cert that has more than one name in it, such as example.com and www.example.com, you need to publish and validate each TXT record separately instead of publishing both records and validating them at the same time.…

Just shipped a new Posh-ACME.Deploy release, version 1.2.0. There is now a Set-IISFTPCertificate function. It requires the same WebAdministration module the other IIS function does and has been tested on Windows Server 2019, but will likely work against earlier versions as well. In addition to updating the cert, it can also be used to change other SSL related FTP parameters like Control Channel Policy, Data Channel Policy, and whether to use 128-bit encryption.

Just shipped a new Posh-ACME release, version 3.17.0. The highlight of this release is the ability to import or export the private key associated with an ACME account. When creating a new account or performing a key rollover for an existing account, Posh-ACME will normally generate a new random private key automatically. But you now have the option to import an existing key instead of having one generated. It works like this:

Just shipped a new Posh-IBWAPI release, version 3.2.0. There is now a ProfileName parameter associated with all of the public functions that have connection specific parameters such as WAPIHost, WAPIVersion, and Credential. This should make it easier to change profiles on a per-call basis instead of needing to run Set-IBConfig to switch away and back again.

An IPAM solution is not very useful unless it accurately reflects the state of your network. The discovery features in NIOS have always been one of the great benefits of having Infoblox DDI. Network Insight and NetMRI focus on discovery of network gear and what is connected to it. The vDiscovery feature adds the ability to discover virtual infrastructure in both public and private cloud environments. All of these working together can give you a super accurate picture of what exists on your…

Just shipped a new Posh-ACME release, version 3.16.0. The highlight of this release is Preferred Chain support which is an advanced but important feature with Let’s Encrypt’s impending root transition. When you download a certificate from an ACME server, you also get the issuing chain with that certificate. But for certificate authorities with complex issuance hierarchies, the ACME server may have multiple valid hierarchies to choose from. This new feature allows you to specify which…

Just shipped a new Posh-ACME.Deploy release, version 1.1.0. There is now a Set-ExchangeCertificate function thanks to Erik Nemchik (@nemchik). It requires the Microsoft.Exchange.Management.PowerShell snap-in and has been tested successfully against Exchange 2019, but may work against earlier versions as well.