jojof2024

> `idpURL` Hey @hslatman no I did not. Where can I find more information about "idpURL"? I cannot find this under https://smallstep.com/docs/step-ca/templates/ or https://smallstep.com/docs/step-ca/configuration/. How do I use this configuration?

Is there a possibility to disable the option of a issuing distribution point in the crl? It did not help me to just change the issuing distribution point. I need...

Hey, yes we did restart the CA. And the old DNS name is no where to be found in the ca.json or the default.json. Do we have to remove the...

It also says that it runs with the latest dns name. The primary server URL is latest.lhgroup.de. But it does not matter, when I send a certbot request with latest.lhgroup.de...

step ca Health is ok. It schould not be our proxy. In the ca logs we find: The primary server URL is latest.lhgroup.de and response="{"newNonce":" [https://xxxlhgroup.de/acme/acme1day/new-nonce","newAccount":"https://xxxx.lhgroup.de/acme/acme1day/new-account","newOrder":"https://xxxx.lhgroup.de/acme/acme1day/new-order","revokeCert":"https://xxxlhgroup.de/acme/acme1day/revoke-cert","keyChange":"https://xxxlhgroup.de/acme/acme1day/key-change"}"](https://xxxlhgroup.de//acme/acme1day/new-nonce/%22,/%22newAccount/%22:/%22https://**xxxlhgroup.de**//acme/acme1day/new-account/%22,/%22newOrder/%22:/%22https://**xxxlhgroup.de/**/acme/acme1day/new-order/%22,/%22revokeCert/%22:/%22https://**xxxlhgroup.de**//acme/acme1day/revoke-cert/%22,/%22keyChange/%22:/%22https://**xxxlhgroup.de**//acme/acme1day/key-change/%22%7D%22)

We tried it also with different clients (certbot (redhat client) and win-acme) all with the same responce. The win-acme client was just recently set up and did not send any...

I get the exact same responce: "newNonce":"[https://xxxx.lhgroup.de/acme/acme1day/new-nonce", "newAccount":"https://xxxx.lhgroup.de/acme/acme1day/new-account", "newOrder":"https://xxxx.lhgroup.de/acme/acme1day/new-order", "revokeCert":"https://xxxx.lhgroup.de/acme/acme1day/revoke-cert"

Cache-Control: private, max-age=86400, no-cache, must-revalidate Content-Length: 382 Content-Security-Policy: default-src 'self' *.latest.lhgroup.de data:; style-src *.latest.lhgroup.de 'unsafe-inline'; script-src *.latest.lhgroup.de 'unsafe-inline' 'unsafe-eval' Content-Type: application/json Date: Tue, 30 Apr 2024 14:29:49 GMT Expires: -1...

We run our tests now without the proxy in the middle but unfortunately the ca did respond with the wrong url. Is there a way we can assure that the...