The draft ACME protocol has removed unauthenticated GET requests to order, authorization, and challenge resources. Because this is not a backwards compatible change we're intending to roll out support gradually before removing support for GETs to these resources entirely.
We need to:
Update wfe2/verify.go with support for verifying POST-as-GET requests
Add optional support for POST-as-GET to orders
Add optional support for POST-as-GET to authorizations
Add optional support for POST-as-GET to challenges
Add optional support for POST-as-GET to order certificate URLs
Add optional support for POST-as-GET to accounts
On November 1st, 2019 we will remove support for GET requests to orders, authorizations and challenges making POST-as-GET mandatory. When we do this we'll need to take care that you can't access any V2 resources via the V1 endpoint.
Do I assume correctly that the account change from {} to POST-as-GET will also be mandatory on the Nov. 1st, 2019 cutoff? But until then, it will support both?
This allows POST-as-GET requests to Orders, Authorizations, Challenges, Certificates and Accounts. Legacy GET support remains for Orders, Authorizations, Challenges and Certificates. Legacy "POST {}" support for Accounts remains.
Resolves#3871
The draft ACME protocol has removed unauthenticated GET requests to order, authorization, and challenge resources. Because this is not a backwards compatible change we're intending to roll out support gradually before removing support for GETs to these resources entirely.
We need to:
wfe2/verify.go
with support for verifying POST-as-GET requestsOn November 1st, 2019 we will remove support for GET requests to orders, authorizations and challenges making POST-as-GET mandatory. When we do this we'll need to take care that you can't access any V2 resources via the V1 endpoint.
Client developers that want a head-start testing their clients against this change are encouraged to use Pebble, which has already implemented the change for
-strict
mode.The text was updated successfully, but these errors were encountered: