pebble

pebble copied to clipboard

Errno 71 when running pebble & certbot Docker containers on Vagrant+VirtualBox

1

On my Windows10 machine, I'm using Vagrant and VirtualBox with Ubuntu 18.04 Vagrant box, which has Docker 19.03.5 installed. I have a **docker-compose.yml** which has both pebble and certbot services...

kvjava1

Documentation: mention that when using with release binary, you should copy the test folder

1

When I first tried to get Pebble running using the binary I downloaded from the releases, it complained about missing files it was looking for. I got it working by...

aral

When I first looked at Pebble, I missed the binary releases and because compiling from Go had an error I abandoned the idea to use it. I suggest adding a...

aral

Certificate request subject commonName domain is not taken into account

15

RFC8555 tells: ```` The CSR MUST indicate the exact same set of requested identifiers as the initial newOrder request. Identifiers of type "dns" MUST appear either in the commonName portion...

bruncsak

If an Authorization has expired, loading it will show a "pending" status. If a Challenge belongs to an Authorization which has expired, loading it will show a "pending" status. Triggering...

jvanasco

wrong implementation of ACME spec: Orders should transition to "invalid", not "deactivated"

2

I spent the day investigating failing tests, because of a single line in Pebble :( https://github.com/letsencrypt/pebble/blob/master/core/types.go#L66-L69 // An order is deactivated if **any** of its authzs are deactivated if authzStatuses[acme.StatusDeactivated]...

jvanasco

HTTP Management Interface

6

Discussion on https://github.com/letsencrypt/pebble/pull/39 indicated that there are users who would find it valuable to be able to inject test data into Pebble to help support integration testing with an ACME...

cpu

https://tools.ietf.org/html/rfc8555#section-6.7.1

jsha

Configuration parameter for certificate lifetime.

1

Boulder allows configuration of [issued end entity certificate lifetime](https://github.com/letsencrypt/boulder/blob/2131065b2d0393fdbd21a5060c021873f2cb5121/test/config/ca-a.json#L38). Pebble presently hard-codes it: https://github.com/letsencrypt/pebble/blob/0abe0523af6f711c2f4c4a29a3a9a5f91aa9282e/ca/ca.go#L197 [RFC 8555 7.5](https://tools.ietf.org/html/rfc8555#section-7.4) specifies that a new order request may have optional `notBefore` and `notAfter` fields...

cpu

Feature suggestion: allow setting a subset of configuration

1

For my project I had to set a custom value for `httpPort` in `pebble-config.json`. Currently in my custom JSON I need to specify the rest of the configuration as well:...

codeclown