-
Hi,
Is there anyway to renew certs? Like what if I would like to renew stored certs in my DB before 30 days or so? Is there any function call exists for that or should I simply issue fresh new cert…
-
Running against an ACME server that requires ExternalAcountBinding, after the initialization of the account and successful creation of private key secret associated with the account we take a backup o…
-
Hello,
You may already be aware of this, but [HiCA](https://www1.hi.cn/en/) is injecting arbitrary code/commands into the certificate obtaining process and acme.sh is running them on the client mac…
-
I'm working on getting a High Availability cluster working in ECS Fargate as opposed to EC2 instances with ASG as described in the ha cluster example: https://github.com/gravitational/teleport/tree/ma…
-
Currently cert-manager supports rotating the private key used for the certificate object. From my understanding there is no rotation support for the ACME account private key. Looks like LetsEncrypt d…
-
**Describe the bug**:
We are using custom ACME server where certificate signing process (finalize) can take up to 2 mins and it seems like cert-manager just stops polling the status after ~5 atte…
-
Using AcmePHP core, I'm pulling the token from the authorization challenge and using setting it as the value for TXT record.
I get this error:
`Challenge failed (response: {"type":"dns-01","status…
-
The document does not mention this use case explicitly, where a message body is only needed to sign the GET parameters. Adding this use case makes sense, in particular since this WG is developing a ge…
-
This is not a bug but rather an annoying lack of information in the debug output.
As a webhost, I frequently install SSL certificates on our customer's behalf. I am frequently tripped up by this sa…
-
Can payloads with empty string be handled?
The latest ACME specification requires support for payloads with an empty string ("").
(https://datatracker.ietf.org/doc/html/rfc8555#section-6.3)
Right…