pebble
pebble copied to clipboard
A miniature version of Boulder, Pebble is a small RFC 8555 ACME test server not suited for a production certificate authority.
Pebble originated as a piece of test code and one of the unfortunate side effects of that is that it doesn't have significant integration test coverage (and no unit tests...
It's pretty messy right now but we'll need to bump major versions to fix it. In particular it probably makes sense to try and make one or two more general...
Preferably with a 'Retry-After' header
Eventually, the server knows when it will retry a challenge validation etc. and therefore when it makes sense for the client to recheck the status.
[![Checks](https://github.com/fastly/pebble/actions/workflows/checks.yml/badge.svg)](https://github.com/fastly/pebble/actions/workflows/checks.yml) [![Tests](https://github.com/fastly/pebble/actions/workflows/tests.yml/badge.svg)](https://github.com/fastly/pebble/actions/workflows/tests.yml) As a follow-on to https://github.com/letsencrypt/pebble/pull/439 this change request implements the first step of building a new CI system for Pebble. As this is a testbed environment for Boulder,...
This change implements the `dns-account-01` ACME challenge as specified in [draft-ietf-acme-scoped-dns-challenges](https://datatracker.ietf.org/doc/draft-ietf-acme-scoped-dns-challenges/). The relevant [validation label computation](https://github.com/aaomidi/draft-ietf-acme-scoped-dns-challenges/blob/0058e0800056698fb37f3b2cb31a727c826675fb/draft-ietf-acme-scoped-dns-challenges.mkd#dns-account-01-challenge) is: ```plain "_" || base32(SHA-256()[0:10]) || "._acme-" || || "-challenge" ``` where SCOPE is...
please create a new release with the updated go version
This change adds `dns-account-01` support to the `chisel2` tool for Pebble integration testing. The enhancement to the Python acme library in https://github.com/certbot/certbot/pull/9887 is a prerequisite for this change. Note that...
### Objective Implement the "dns-account-01" challenge in Pebble, setting the groundwork for subsequent Boulder alignment (referencing [boulder#7240](https://github.com/letsencrypt/boulder/issues/7240)). ### Rationale Establishing this feature in Pebble first is crucial for a consistent...
The acme rfc states that clients should interpret supplied eab keys as base64url. To encourage that behavior, this commit adds a key to the example configuration that is only decodable...