Matt Holt

I'm a _little_ lost as to where we're at with this after reading the thread (I've been catching up on a lot of different threads), but -- I think it...

The default storage implementation (file system) uses "active locking" where a timestamp within the file is updated every couple of seconds, and so even if the lock file exists after...

Fortunately, you don't need to know anything about Caddy or ACME to implement this properly; just adhere to the godoc description of the interface methods and as long as it...

There should be some `01000` (hex encoding) in the beginning of the ClientHello... if there is padding, the max length of the ClientHello in hex encoded characters would be 1024.

I think I had this on a TODO list a while ago. I'll try to revisit it soon.

@hazycora I've just committed b29d2a0 which adds a `SubjectTransformer` field to the `certmagic.Config` struct. In my tests I used it similarly to you: ```go magic.SubjectTransformer = func(ctx context.Context, domain string)...

Excellent! Thanks for the update.

You could probably do this yourself, but it's very odd indeed. You'd probably have to fiddle with a config/setup that works, unfortunately I don't have the time for that right...

So to make sure I understand, the primary concern is that your first connection is going to take a couple of seconds? (Sorry for the late reply. Busy times!)

@anderspitman Instead of PSL, have you considered filing a rate limit exemption request with Let's Encrypt? They have a form for use cases like yours.