Posh-ACME 3.11.0
Improvements for Install-PACertificate and new function Revoke-PAAuthorization.
Just shipped a new Posh-ACME release, version 3.11.0. The Install-PACertificate
function now has optional parameters that allow you to specify the Windows certificate store location and name in case the defaults (LocalMachine\My) aren’t what you need. You can also use the -NotExportable
switch to mark the certificate as non-exportable. There’s also a new function called Revoke-PAAuthorization which is mostly useful for testing a new configuration. It allows you to revoke one or more existing authorizations associated with an account so that when you generate a new certificate, the ACME server will require a full re-validation for those names.
Updated versions can be found in the PowerShell Gallery or GitHub. Installation instructions are in the Readme.
Changelog
- Added
Revoke-PAAuthorization
which enables revocation of identifier authorizations associated with an account. Get-PAAuthorizations
now has an optional -Account parameter and better error handling.Get-PAAuthorization
has been added as an alias forGet-PAAuthorizations
to better comply with PowerShell naming standards. It will likely be formally renamed in version 4.x and the old name should be considered deprecated. This change should allow dependent scripts to prepare for that change in advance.Install-PACertificate
now supports parameters to select the store name, location, and the exportable flag.- Workaround for Boulder issue that doesn’t return JSON error bodies for old endpoints.
- Fixed bug creating new orders with a changed KeyLength value that was preventing the required new private key from being created.