0x4r45h
commented
3 years ago @yourivw would you please review this?
Closed 0x4r45h closed 3 years ago
0x4r45h
commented
3 years ago @yourivw would you please review this?
anirudhmalhotra
commented
3 years ago well this file diff confuses me, added/removed spaces makes it look like everything was changed. :/
LetsEncrypt is going to change their root certificates from "DST Root X3" to "ISRG’s" which is not working on android devices older than version 7.1.
they introduced a workaround for site owners to buy more time (~ 1 more year) before completely discarding "DST Root X3".
the get-certificate end point have an alternate link in its header response to let users pick their preferred-chain in certificate. Certbot implemented that already.
in this PR user is able to pass preferred chain to the
getCertificatemethod, if a cert matching that chain is found then it will be saved, if not then logs a warning with proper message and default certificate provided by Lets'Encrypt will be used