Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Support HTTP01 over SSL #1343
We're running a mix variation of web servers and would prefer to use HTTP01 using the "webroot" authenticator. We're an HTTPS-only environment currently and not looking to change that, which offers a problem for us.
Could simple support for HTTP01 over HTTPS be added? You would need to disregard any certificate errors (allowing bootstrapping using self-signed certs etc.) on the server side I guess, but compared to HTTP that's not an issue.
Yeah, this is a wontfix because of the default vhosts attack. The two footnotes to that are: (1) if you serve a 301/302 redirect from port 80 the server will follow it; (2) if you have an existing cert from some CA (possibly Let's Encrypt, when it's time to renew) we could validate the cert and proceed.