Closed dimatha closed 2 years ago
I've implemented a workaround for now. Now the priority is to get the new-account working with the cert-manager not using KID.
Sorry for not answering. I rewrote the code, so it'll work in the next release and provide a proper certificate(-chain).
No worries! Thanks for your feedback. I was just wondering if I’m missing something as it is mentioned in the documentation that it suppose to work with the certbot. But the logic wasn’t in the code. We also had to implement the new-account logic using JWK instead of using KID to get it going with the cert-manager.
Well, the product is not production ready, since I only recently started testing with clients. Nevertheless, would you be so kind and contact me via my email?
Hello @glatzert ! Thanks for the great work!
I've tried this project today and it seems like I manage to get it going, but when downloading the certificate as at last stage ("POST /order/B-GwLBdUqUGIoHSntp-1Qw/certificate) , certificate chain is not in PEM format. I don't have that much experience with Microsoft/c#. Am I missing something ?
The content type is set right "Content-Type: application/pem-certificate-chain" I believe, that where the conversion should happen: https://github.com/glatzert/ACME-Server-ACDS/blob/862a12fd95a0c68f818844cfccb19ec5620f0aed/src/ACME.CertProvider.ACDS/CertificateIssuer.cs#L36
I'm using certbot as a test client. https://ietf-wg-acme.github.io/acme/draft-ietf-acme-acme.html#rfc.section.9.1
Response:
Thank you in advance