Closed iaean closed 1 year ago
It would be great if we can support the capability of modern ACME CA to let the client provide a TTL proposal.
We simply using the TTL hint optionally provided by client via CLAIM: https://github.com/dns3l/dns3l/blob/8e30da278d35341a2f21d83ca293be67877b45d7/openapi.yaml#L1055
We are introducing TTL config per ACME provider:
ca: providers: id: type: acme minTTL: 3d maxTTL: 90d defaultTTL: 90d
If CA is not supporting this, hint is silently ignored. Otherwise:
defaultTTL
minTTL
maxTTL
It would be great if we can support the capability of modern ACME CA to let the client provide a TTL proposal.
We simply using the TTL hint optionally provided by client via CLAIM: https://github.com/dns3l/dns3l/blob/8e30da278d35341a2f21d83ca293be67877b45d7/openapi.yaml#L1055
We are introducing TTL config per ACME provider:
If CA is not supporting this, hint is silently ignored. Otherwise:
defaultTTLis used.minTTLandmaxTTLclaiming failed immediately.