Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change the default ACME server to the v2 endpoint #5369

Closed
ohemorange opened this issue Jan 4, 2018 · 8 comments

Comments

@ohemorange
Copy link
Contributor

commented Jan 4, 2018

Step 4 of #5365

  • tools/deactivate.py
  • acme/examples/example_client.py
    The backend data structures are the same for the different endpoints, but we might want to either determine the client to use based on the server like we do in certbot, or at least use acmev2 styles.
@bmw

This comment has been minimized.

Copy link
Member

commented Feb 26, 2018

We won't be doing this in our 0.22.0 release which will be coming out before the endpoint goes live, so I'm kicking this to 0.23.0.

@bmw bmw modified the milestones: 0.22.0, 0.23.0 Feb 26, 2018

@shadycuz

This comment has been minimized.

Copy link

commented Mar 14, 2018

@bmw It's live, but I can't figure out how to change the endpoint?

Obtaining a new certificate
The currently selected ACME CA endpoint does not support issuing wildcard certificates.
@shadycuz

This comment has been minimized.

Copy link

commented Mar 14, 2018

Oh you need server flag --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory

@kysil

This comment has been minimized.

Copy link

commented Mar 14, 2018

With command
certbot certonly --rsa-key-size 2048 --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory

I have this answer:
Obtaining a new certificate Performing the following challenges: None of the preferred challenges are supported by the selected plugin

nginx 1.13.9
certbot 0.22.0
Centos 7.4

@shadycuz

This comment has been minimized.

Copy link

commented Mar 14, 2018

@kysil I used the instructions in this post #5719

@bmw

This comment has been minimized.

Copy link
Member

commented Apr 4, 2018

Unfortunately we had to revert this change because things like certbot revoke --cert-path /path/to/cert would suddenly stop working due to a different account being used. #5820 should be resolved before releasing this change.

@bmw bmw modified the milestones: 0.24.0, 0.25.0 May 2, 2018

@bmw bmw removed the current sprint label May 2, 2018

@bmw bmw modified the milestones: 0.25.0, 0.26.0 Jun 6, 2018

@bmw bmw added the current sprint label Jun 20, 2018

@bmw bmw assigned ohemorange and unassigned bmw Jun 20, 2018

@bmw

This comment has been minimized.

Copy link
Member

commented Jun 27, 2018

@ohemorange, are you able to get to this this week? If not, I can take it.

@ohemorange

This comment has been minimized.

Copy link
Contributor Author

commented Jun 27, 2018

I've got it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.