From 08c84693227de9571412fa18a7d82818a370c655 Mon Sep 17 00:00:00 2001
From: Brendan Abolivier <babolivier@matrix.org>
Date: Thu, 17 Jun 2021 19:56:48 +0200
Subject: Remove support for ACME v1 (#10194)

Fixes #9778

ACME v1 has been fully decommissioned for existing installs on June 1st 2021(see https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430/27), so we can now safely remove it from Synapse.
---
 changelog.d/10194.removal | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 changelog.d/10194.removal

(limited to 'changelog.d/10194.removal')

diff --git a/changelog.d/10194.removal b/changelog.d/10194.removal
new file mode 100644
index 0000000000..74874df4eb
--- /dev/null
+++ b/changelog.d/10194.removal
@@ -0,0 +1 @@
+Remove Synapse's support for automatically fetching and renewing certificates using the ACME v1 protocol. This protocol has been fully turned off by Let's Encrypt for existing install on June 1st 2021. Admins previously using this feature should use a [reverse proxy](https://matrix-org.github.io/synapse/develop/reverse_proxy.html) to handle TLS termination, or use an external ACME client (such as [certbot](https://certbot.eff.org/)) to retrieve a certificate and key and provide them to Synapse using the `tls_certificate_path` and `tls_private_key_path` configuration settings.
-- 
cgit 1.4.1