Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Renew certificates using ACME #17

Open
twifkak opened this issue Aug 12, 2021 · 1 comment
Open

Renew certificates using ACME #17

twifkak opened this issue Aug 12, 2021 · 1 comment
Milestone
v3+

Comments

@twifkak
Copy link
Collaborator

twifkak commented Aug 12, 2021

Add configuration parameters similar to webpkgserver to support ACME renewal of a certificate. It's not necessary to support all verification methods (DNS/HTTP/ALPN); one is sufficient (whichever is automatable).

This should include some support for monitoring that the certificate is still valid. Here are some ideas:

  1. Return an HTTP error (or JS exception?) when the certificate is expired, so it can show up in Cloudflare analytics.
  2. Document some curl | openssl command the user could run as a cron job.
  3. Let the user configure a webhook URL to be pinged when the certificate is expired.
@twifkak twifkak added this to the v3+ milestone Aug 12, 2021
@twifkak
Copy link
Collaborator Author

twifkak commented Mar 15, 2022
edited
Loading

@antiphoton added initial support in #159. Remaining work:

  • Add a handler for the acme challenge request. It should handle the challenge.
  • Document how to use it at credentials/README.md.
  • Add a scheduled renewal job.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v3+
Development

No branches or pull requests
1 participant
@twifkak