Closed mikemunger closed 4 years ago
Hi Mike, Thanks for your interest and enthusiasm. I think we can add this, as I agree that it would be nice if this package could help other users facing this issue.
I agree that with an optional boolean we could do a non breaking change to help solve it. I have a minor naming suggestion, I think we should go for getCertificate($asChain = true)
alongside your first suggestion getIntermediateCertificate()
Could you maybe send in a PR, in a bit busy at the moment. Thanks again!
Hi,
Great work. I was specifically looking for this type of decoupled ACME-v2 client library. I would like to use this library as well. However, as @mikemunger suggested, I also going to need a way to get a separate chain file certificate as I'm using Apache/2.4.29. I am eagerly waiting while you merge mike's PR. Let me know.
Great work guys! Thanks.
https://github.com/afosto/yaac/tree/v1.1.1 @mikemunger Thanks again.
Hello, great job so far - this package will definitely make my life easier moving from v1 to v2 acme protocol in our custom lets encrypt integration.
I was wondering if you might be able to add support for a separate intermediate cert chain file for apache versions < 2.4.8.
I have a server on CentOS 7 and apache 2.4.6 is the default version, which does not support a single combined file for cert + intermediate cert. In is not supported until apache 2.4.8 and higher.
So perhaps a new method
Certificate->getIntermediateCertificate()
orCertificate->getCertificateChain()
and thenCertificate->getCertificate()
might need an optional param to just return the cert without the intermediate something likepublic function getCertifcate($withIntermideiate=true)
The apache config would look something like this, it has 3 file paths expected - the cert, the chain(intermediate cert), and the private key: https://ssl-config.mozilla.org/#server=apache&version=2.4.6&config=intermediate&openssl=1.0.2k&guideline=5.4
I could of course parse out the combined cert into the 2 files as a workaround but it would be nice-to-have if this was accounted for in the package.
Thanks a lot! keep up the good work