acme-client
acme-client copied to clipboard
unixcharles
A Ruby client for the letsencrypt's ACME protocol.
Add EAB support for ssl.com & zerossl.com. The code is based on https://github.com/unixcharles/acme-client/pull/201 and implement the eab reqeust to ssl.com & zerossl.com. I've tested it and can get certificates.
After creating an order (that has the challenges), if there's a gap of 5m or more between this step and a call to order.authorizations (in an attempt to ask the...
Is this still accurate info? https://github.com/unixcharles/acme-client#ordering-an-alternative-certificate I believe Let's Encrypt decided to not switch chains so it should continue working with the default chain? Links: - https://letsencrypt.org/2020/12/21/extending-android-compatibility.html - https://community.letsencrypt.org/t/production-chain-changes/150739 So...
Let's Encrypt changed their default and alternate chains as of May 4th. https://community.letsencrypt.org/t/production-chain-changes/150739 Issue is that we are unable to retrieve the new alternate chain as the force_chain attribute (in...
I have some issues integrating it with zerossl, because acme-client doesn't support `eab-kid` and `hmac-key` https://github.com/zerossl/certbot-zerossl/blob/ad5dae70b3b1808807f1a77c0ca9293bed2caabf/certbot-zerossl.sh And I get this error: `Acme::Client::Error::ExternalAccountRequired: The request must include a value for the...
ACME allows revocation by anyone in possession of the private key. Per [the RFC](https://tools.ietf.org/html/rfc8555#section-7.6), you put a `jwk` in the protected header rather than a `kid`, and sign the request...
I was investigating some failures, and I found that the error `Connection reset by peer - SSL_connect` was somehow raised as Faraday exception: ``` Faraday::ConnectionFailed: Connection reset by peer -...
I would like to be able to track metrics around and log the http requests being made. Currently brainstorming something like the following pseudo-code, does it seem reasonable and worth...
This mentions using jwk's as private keys instead of just a 'pem' file
I've actually spent a few days trying to find a way to convert to pem just to find out by browsing the source that you already implemented that way. It...
Metadata
Owner
Metadata
A Ruby client for the letsencrypt's ACME protocol.