Spredzy / lecm

Let's Encrypt Certificate Manager
Apache License 2.0

Don't hardcode intermediate certificate #65

Open zorun opened 3 years ago

zorun commented 3 years ago

Related to #63 and #64 (ping @sbadia)

It's likely that Let's Encrypt will change its intermediate cert again to switch to ECDSA: https://letsencrypt.org/certificates/ It would be better to avoid hardcoding the intermediate in lecm. In fact, if Let's Encrypt starts using several intermediate certs at the same time, lecm would be completely broken.

It should be possible to retrieve the right intermediate in the ACME response, but it's poorly documented. I found this doc which is quite sparse but gives the idea: https://letsencrypt.org/docs/integration-guide/
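
The approach suggested in the comment above, as an added example that is not lecm's code and not part of the original thread: take the intermediates from the certificate download itself instead of shipping one. It assumes the server answers as RFC 8555 (section 7.4.2) specifies, with a PEM chain whose first block is the end-entity certificate; `split_acme_chain`, `to_pem` and the sample data are hypothetical names constructed for the illustration.

```python
import base64
import re
import textwrap

PEM_CERT = re.compile(
    r"-----BEGIN CERTIFICATE-----\s+(.*?)\s+-----END CERTIFICATE-----", re.S)


def to_pem(der):
    """Re-encode DER bytes as a normalised PEM certificate block."""
    body = "\n".join(textwrap.wrap(base64.b64encode(der).decode(), 64))
    return "-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n" % body


def split_acme_chain(pem_chain):
    """Split an ACME certificate download into (leaf, intermediates).

    Assumed format (RFC 8555 section 7.4.2): end-entity certificate first,
    each following certificate certifying the one before it.
    """
    certs = []
    for match in PEM_CERT.finditer(pem_chain):
        # validate=True rejects anything outside the base64 alphabet.
        der = base64.b64decode("".join(match.group(1).split()), validate=True)
        if not der.startswith(b"\x30"):  # a certificate is a DER SEQUENCE
            raise ValueError("PEM block is not a DER-encoded certificate")
        certs.append(to_pem(der))
    if not certs:
        raise ValueError("no certificate in ACME response")
    # The intermediates are whatever the CA sent, so a switch to another
    # intermediate (or several in parallel) needs no change on the client.
    return certs[0], certs[1:]


# Constructed stand-ins for DER certificates (not real certificates).
SAMPLE_LEAF = b"\x30\x06leaf01"
SAMPLE_INTERMEDIATE = b"\x30\x06inter1"
SAMPLE_RESPONSE = to_pem(SAMPLE_LEAF) + to_pem(SAMPLE_INTERMEDIATE)

if __name__ == "__main__":
    leaf, chain = split_acme_chain(SAMPLE_RESPONSE)
    print("leaf bytes:", len(leaf), "intermediates:", len(chain))
```

The split only checks encoding and order; verifying that each certificate is actually signed by the next one needs an X.509 library.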

zorun commented 3 years ago

See also https://github.com/diafygi/acme-tiny/issues/77