acmetool
acmetool copied to clipboard
hlandau
Add challenge test mode.
It would be nice if there was a command to test that challenge response was working properly.
Definitely need this. Will work on it.
Just need to repeat the authorization process, right?
The rate limit for authorization is 300 per account per week(link), which is quite abundant, so it would be OK if we still use the production server?
If we use the production server, should previous authorizations be replaced with new ones? Then the mode should be called “authorization renewal”?
I was intending this just to do a self-test check, not against the ACME server. Maybe have a flag to test it with the server as well. I'm fine with always using production in that case.
Of course the expiry time/URL for the authorizations stored on disk should be updated when using server test mode.
I was intending this just to do a self-test check, not against the ACME server.
Why not just provide a command for authorization renewal? That should cover challenge test.
Self test may not work in some cases, e.g. the real acme server is blocked by a misconfigured firewall, or the authoritative name servers is not reachable from where you run tests, etc.
Alright, let's just make it do an actual authorization. Since there's no need for people to manually renew authorizations, I'd like to keep it named challenge-test or authorization-test or similar.