I just noticed that acme-tiny still uses a regular GET to get challenges info, retrieve the certificate, and poll authorization state. This will stop working in November 2019; from then on signed POST-as-GET requests have to be used (see https://tools.ietf.org/html/rfc8555#section-6.3).
I just noticed that acme-tiny still uses a regular GET to get challenges info, retrieve the certificate, and poll authorization state. This will stop working in November 2019; from then on signed POST-as-GET requests have to be used (see https://tools.ietf.org/html/rfc8555#section-6.3).
See https://community.letsencrypt.org/t/acme-v2-scheduled-deprecation-of-unauthenticated-resource-gets/74380 for Let's Encrypt's deprecation deadline (November 1st).