22 March 2018, 00:18

A new version of the Hiawatha webserver has been released. This release contains the ACME v2 script for Let's Encrypt. Read the INSTALL file carefully before using. When switching to this new script from the ACME v1 version, you can use your current account key. You need to use the 'register' command to update this key for the ACME v2 API.

The format of the Hiawatha access logfile has been changed a bit. The Referer and User-Agent HTTP header now have a fixed place in the logfile. The user id of the HTTP authentication has been removed.

For all changes, see the ChangeLog.


Version 10.8.1 has been released. This release contains mbed TLS 2.8.0 (was released at the same moment as Hiawatha v10.8 ) and some fixes for the ACME v2 script.

22 March 2018, 00:24
Works fine on OpenBSD and Raspbian. ACME v2 also works fine. Thank you.
Chris Wadge
22 March 2018, 00:55
Debian packages are also live for direct download [files.tuxhelp.org] and the apt [mirror.tuxhelp.org] repository, respectively.

I didn't have any problems with the release candidate whatsoever. Thanks for the excellent new build, Hugo.
Gilad A
22 March 2018, 07:57
Built and updated on Ubuntu and on Debian and works great. Amazing job as always dear Hugo!
29 March 2018, 19:36
I got "no backup pin" for HPKP.

Any idea?
29 March 2018, 23:57
Do you have any backup pins defined? HPKP doesn't do anything without at least one.
Hugo Leisink
30 March 2018, 00:23
A valid HPKP configuration contains at least two pins. One current and one backup, in case your current (CA) certificate got revoked. You can add more than one backup pin.
30 March 2018, 06:48
Hi Hugo,

I use "PublicKeyPins" parameter to setup HPKP.

Hugo Leisink
30 March 2018, 22:33
The file you point to with PublicKeyPins should contain at least two certificates/CSR's/public keys. One current/active and one back-up.
3 April 2018, 17:43
Upgrade to OpenBSD 6.3, still all is working fine. Also letsencrypt.
Chris Wadge
12 April 2018, 02:16
Hiawatha 10.8.1 Debian packages are built and available in the usual places.
8 October 2018, 17:29
Any hint to create the backup pin for PublicKeyPins? I only have one valid private key.
Hugo Leisink
12 October 2018, 00:21
Use the public key of another CA or the one belonging to your backup private key.