Closed tzim-fr closed 3 years ago
Looks easy to implement, but I have nowhere to actually test this...
Note to self: https://tools.ietf.org/html/rfc8555#section-7.3.4
I have nowhere to actually test this...
I have nowhere to actually test this...
Ah, @cpu to the rescue ;)
Was going to set up Pebble anyway for automatic testing, will work on this feature when my test environment is back up! :+1:
Zerossl is now live, which is sectigo's ssl service CA ACME endpoint is at https://acme.zerossl.com/v2/DV90
Trying to use it returns:
{"type":"urn:ietf:params:acme:error:externalAccountRequired","status":400,"detail":"The request must include a value for the \"externalAccountBinding\" field"}
You should set EAB_KID/EAB_HMAC_KEY in your config
Thanks... that worked (as soon as I upgraded to latest version :P )
This is now implemented.
Certigo service support ACME, but it requires support for "external account binding" (see section 7.3.4 in acme specs) at registration.
If I understand the specs correctly, only the newAccount request needs to be modified. Is there plans to implement this feature ?