Due to a security issue, Let's Encrypt deactivated tls-sni challenges
permanently¹. Thus we need to use the new support for http-01 from
autocert. This requires setting up a Manager manually and to keep the
behavior consistent, we need to copy the (unexported) logic to determine
the default caching directory.
Due to a security issue, Let's Encrypt deactivated tls-sni challenges permanently¹. Thus we need to use the new support for http-01 from autocert. This requires setting up a Manager manually and to keep the behavior consistent, we need to copy the (unexported) logic to determine the default caching directory.
[1] https://community.letsencrypt.org/t/tls-sni-challenges-disabled-for-most-new-issuance/50316