v1.9.1 (2022-05-03)
 * Improve error message when HTTP approval is not configured.

v1.9.0 (2021-09-07)
 * Client-side DNS approval handlers have been deprecated and will be removed
   in SSLMate 2.  To continue automatically approving certificates using DNS,
   please integrate your SSLMate account with your DNS provider by visiting the
   following page: https://sslmate.com/account/integrations
 * The Route 53 approval handler now uses Python 3.

v1.8.0 (2021-06-22)
 * buy: add --no-auto-san option to disable addition of an alt name for the
   base domain or www. sub-domain.
 * edit: allow the automatic alt name (for the base domain or www. sub-domain)
   to be removed with --rm-name just like any other alt name.
 * show: always show the alt names, even if they have the default values.
 * Deprecate --multi and --no-multi options.  There is no longer a distinction
   between multi-hostname and single-hostname certificates.
 * Remove import sub-command.
 * Remove support for EV certificates.
 * buy, renew: fix bug that would display the wrong price for multi-hostname
   certificates that contained the same SANs as a standard, non-multi cert.
 * reissue, rekey: eliminate spurious "this certificate is not active" errors.

v1.7.1 (2019-03-08)
 * Bugfix release.
 * sslmate download: don't prevent further downloads if there is an error
   with just one certificate.

v1.7.0 (2018-06-20)
 * Add support for wildcards in multi-hostname certificates.

v1.6.0 (2017-08-03)
 * Add support for HTTP approval (see https://sslmate.com/help/approval/http).
 * Fix compatibility bug with OpenSSL 1.1 affecting elliptic curve certificates.
 * Fix invalid argument error when setting file ownership under Perl 5.24.
 * Various refinements and documentation improvements.

v1.5.2 (2017-07-14)
 * Bugfix release.
 * Fix pagination bug in digitalocean DNS handler.
 * Ensure NS records are properly handled by DNS handlers.
 * Ensure parent directories are created by documentroot HTTP handler.
 * Check for missing argument to retry-approval.
 * Clarify some unclear error and warning messages.
 * Fix typo in man page.

v1.5.1 (2015-12-10)
 * Bugfix release.
 * Fix bug with renewing multi-hostname certs where it said
   "Error: the price of this certificate has changed".
 * Fix bug where single-hostname certs were sometimes treated
   as multi-hostname certs incorrectly.

v1.5.0 (2015-09-22)
 * Replace 'sslmate resend-email' with 'sslmate retry-approval', which
   supports non-email approval.  'resend-email' will be removed in
   SSLMate 2.0.
 * Rebrand "multi-domain" certs as "multi-hostname" certs.
 * Add '--multi' option to 'sslmate buy' to force the purchase of a
   multi-hostname certificate with just a single hostname.
 * Add '--multi' and --no-multi options to 'sslmate edit' to convert
   between a multi-hostname and single-hostname certificate.
 * Improve user experience when using DNS approval.

v1.4.0 (2015-07-02)
 * Add support for multi-domain certificates.
   - Specify multiple hostnames on command line to 'sslmate buy'.
   - Use 'sslmate edit' to add/remove alternative names.
   - Use 'sslmate reissue --same-key' to reissue after adding/removing
     names.
 * Add 'sslmate rekey' option to generate a new key and reissue.
 * Add '--same-key' option to 'sslmate reissue' to reissue without
   generating a new key.  IMPORTANT: starting with SSLMate 2.0,
   --same-key will be implied when running 'sslmate reissue'.
   Please start using 'sslmate rekey' if you want to reissue with a
   new key.
 * Add 'sslmate show' command to show detailed information about a
   certificate.
 * Fix bug when importing certificates with upper case common names.

v1.3.0 (2015-06-18)
 * Add support for creating certificate files in alternative
   formats.  To enable a format, put "cert_formats.FORMAT yes"
   in your config file, where FORMAT is one of:
   - chained (Certificate by chain) (enabled by default)
   - combined (Key, cert, and chain concatenated together)
   - p12 (PKCS#12 file)
   - jks (Java Keystore file)
   - root (Root certificate)
   - chain+root (Chain and root concatenated together)
 * Preserve existing filesystem permissions of key and certificate files.
 * Minor bug fixes/enhancements.

v1.2.3 (2015-06-13)
 * Bugfix release.
 * Correctly display unhandled subjectAltNames when importing.
 * Fix Makefile so it works with FreeBSD make.

v1.2.2 (2015-05-29)
 * Bugfix release.
 * Don't try to use LWP for HTTPS if LWP::Protocol::https not installed.
 * Document that LWP::Protocol::https is required in addition to LWP.
 * Properly report errors from LWP.

v1.2.1 (2015-05-26)
 * Fix certificate errors on OS X by preferring curl over LWP Perl module.

v1.2.0 (2015-05-26)
 * Install strong Diffie-Hellman parameters to /usr/share/sslmate.
 * Add support for Diffie-Hellman parameters in mkconfig config templates.
 * If available, use LWP Perl module for HTTPS client instead of
   spawning a curl process.

v1.1.1 (2015-05-13)
 * Avoid a warning message if WWW::Curl::Perl is not installed.

v1.1.0 (2015-05-12)
 * Support DNS approval with CloudFlare, DigitalOcean, and DNSimple.
 * Allow DNS approval to be selected from approver email list.
 * Allow type of cert (dv/ev) to be changed by `sslmate edit`.
 * Add --timeout option to buy, reissue, renew
 * Minor bug fixes/enhancements.

v1.0.1 (2015-04-22)
  * Minor bug fixes.
  * Fix segfault on Ubuntu 14.10 by using external curl command for
    HTTP client.

v1.0.0 (2015-04-20)
  * Add `sslmate import` command for importing existing certificates to
    your account.
  * Add `sslmate list` command for listing your account's certificates.
  * Add `sslmate edit` command for changing the settings of a certificate
    (e.g. auto-renew, approver email address).
  * Add `sslmate resend-email` command for resending the approval email
    for a pending certificate.
  * Add support for DNS approval.
  * Add support for EV certs.
  * Add support for ECDSA keys and certs.
  * Add support for daily purchase limit.
  * Add wildcard_filename config option for setting the character used
    in a wildcard cert filename, instead of '*'.
  * buy/reissue/renew now exit with status 12 if cert is not downloaded
    and --no-wait is not used.
  * Print path to private key when buy/reissue terminates before cert
    can be downloaded.
  * Improve display of key and cert paths.
  * Preserve permissions of original .key file when reissuing.
  * Deprecate honor_umask config option.
  * Better support for non-ASCII domain names.
  * Require --force to buy a certificate when an active certificate with
    that name already exists in your account.
  * Fix bug where reissue and renew commands could exit with a non-zero
    status upon success.
  * Add global --batch option.
  * Add global --verbose option.
  * Add support for alternative key/certificate formats, such as PKCS#12
    (experimental).
  * Add support for HTTP approval (experimental).

v0.6.2 (2014-12-18)
  * Include recommended security settings when running `sslmate
    mkconfig`, unless --no-security option is specified.
    Recommendations are from the Mozilla Server Side TLS Guide.
  * Fix bug that could prevent full key/cert paths from appearing in
    mkconfig output.
  * Display a tip about mkconfig and test commands after buying a cert.

v0.6.1 (2014-12-03)
  * Fix an error with newer versions of Perl.

v0.6.0 (2014-12-03)
  * Add `sslmate test` command for testing the installation of a
    certificate.
  * Add `sslmate mkconfig` command for generating server configuration
    for a certificate.
  * Add --temp option to `sslmate buy` and `sslmate download`.  If
    specified, a temporary, self-signed, certificate will be installed
    instead of waiting for the real cert to be issued.  This temporary
    cert won't be trusted by clients, but can be used for configuring
    your server while you wait for your real cert to be issued.
  * Add --invoice-note and --email-invoice-to options to `sslmate buy`
    for customizing invoices.
  * Output non-error informational messages to stdout instead of stderr.
    stderr is now reserved for error messages only.
  * Strip private key and other cruft from certificate before importing.
  * Minor bug fixes.

v0.5.0 (2014-11-05)
  * Allow buy, import, and renew commands to be used non-interactively:
    - The --batch option disables prompting for confirmation.
    - The --email=ADDRESS option specifies the desired approver address.
    - The --no-wait option tells sslmate to return immediately
      instead of waiting for the new certificate to be issued.
  * Better support for key rollover in `sslmate reissue`:
    - The new key file is initially written to CN.key.new and the
      existing key file is only overwritten (by either `sslmate reissue`
      or `sslmate download`) once the new certificate is ready.
    - Existing .key and .crt files are overwritten even without the
      --force option, but only once the reissue completes successfully.
  * renew now overwrites existing .crt files even without the --force
    option. A safety check has been added to ensure that renew only
    installs a certificate if it matches the .key file.
  * API credentials are now saved to disk only if `sslmate link` is run
    explicitly. Other commands no longer implicitly link the system.
  * Minor bug fixes and internal improvements.

v0.4.5 (2014-10-27)
  * Support Perl when installed in a directory other than /usr/bin.

v0.4.4 (2014-10-27)
  * Add `sslmate req` command for generating a key and CSR.
  * Minor bug fixes.

v0.4.3 (2014-10-24)
  * Create cert files with a umask of 022 unless honor_umask config
    option set to 'yes'.
  * Re-license under the X11 license.
  * Minor bug fixes.

v0.4.2 (2014-10-20)
  * Fix bug that prevented 'sslmate link' from working with
    passwords containing '0'.

v0.4.1 (2014-10-18)
  * Fix warning when run with newer versions of Perl.

v0.4.0 (2014-10-15)
  * Allow multiple certs, or all certs, to be downloaded with
    `sslmate download`.
  * Add sslmate(1) man page.
  * Ensure that `sslmate download` only downloads certs that
    match the corresponding private keys.
  * Improve usage messages.
  * Add support for configuration profiles.
  * Check for newer version when running `sslmate version`.
  * Rewrite in Perl.

v0.3.0 (2014-09-12)
  * Add `sslmate renew` and `sslmate download` commands, and
    --auto-renew and --no-auto-renew options to `sslmate buy`.
    See https://sslmate.com/blog/post/automating_renewals
  * Make years argument optional in `sslmate buy`; default to 1 year.
  * Add key_directory and cert_directory config options to set the
    location of purchased/downloaded files.  Defaults to $PWD for
    non-root users and /etc/sslmate for root.
  * Read default config options from /etc/sslmate.conf if it exists.
  * Add --force as an alias for -f option, and --all as alias for -a.
  * For consistency, always write a .chain.crt and .chained.crt file
    even if chain is empty.
  * Miscellaneous bug fixes and usability improvements.

v0.2.1 (2014-09-03)
  * When prompting for password, treat DEL as erase in addition to BS.

v0.2.0 (2014-08-21)
  * Add `sslmate revoke` command.
  * Add `sslmate version` command.
