-
ACME orders are not tied to a provisioner and can be "finalized" by any ACME provisioner. The result is that the claims from the "finalizing" provisioner will be applied to the end certificate, rather…
dopey updated
3 years ago
-
**Description**
Replay of a proof of possession (PoP) to associate a key with a different identity is currently possible (albeit difficult, since you must intercept the PoP somehow).
A propo…
-
All the ports are open to the outside world.
If you want to run this on Internet facing server make sure to take care of it.
Easiest way is to tell docker to bind ports only to localhost
so instead …
-
### What is the issue?
I noticed that Caddy is failing to have a certificate to serve for my `machine.***.ts.net` domain, even though this has worked in the past.
My /etc/default/tailscaled file…
mholt updated
10 months ago
-
I currently use afraid/freedns. I pay for a private listing there and was able to set up wildcard ssl certs by using the acme.sh dns_api. I was hoping to see this ported to nginx-proxy-manager.
M…
-
I am planning to use the acme-dns service behind an nginx reverse proxy with basic authentification, so the api is not exposed on the internet directly.
Because there will be many clients using the…
-
It would be great if the TXT entry was cleaned up after the certs are issued... I know IONOS supports this through the API.
Looks like it might be thinning about it from the logs but the TXT entry …
-
https://cert-manager.io/docs/faq/acme/
-
If the site redirects http to https. The challenge completion fails with an error message about not being able to find the site.
Something is weird about it though, because it doesn't seem to be c…
-
#### Describe the bug
Letsencrypt fails renewal due to webroot not beeing set.
```
# journalctl -n 100 -u snap.nextcloud.renew-certs
-- Logs begin at Wed 2019-10-23 00:44:10 EEST, end at Wed 201…