None of the big name ACME implementations support this TLS based challenge type.
(NGiNX, Certbot, Apache, etc.)
So it would be a nice bonus for Membrane as one of the only ACME capable gateways/reverse-proxies with this challenge type.
This challenge is not suitable for most people. It is best suited to authors of TLS-terminating reverse proxies that want to
perform host-based validation like HTTP-01, but want to do it entirely at the TLS layer in order to separate concerns. Right now
that mainly means large hosting providers, but mainstream web servers like Apache and Nginx could someday implement this
(and Caddy already does).
None of the big name ACME implementations support this TLS based challenge type. (NGiNX, Certbot, Apache, etc.) So it would be a nice bonus for Membrane as one of the only ACME capable gateways/reverse-proxies with this challenge type.
From Let's Encrypt docs: