security/acme-client: support for ACMEv2 (wildcard certs) #495
Comments
|
Looks like acme.sh 2.7.6 will be the first version to include v2 support. |
|
This will be awesome! Thank you! |
|
@fraenki any movement here or is this already part of 18.1.3? is there any way i could just download acme.sh and patch a running opnsense and see if this work, or does it specifcly need support by the plugin too? |
|
tried on a 18.1.4 with cloudflare / dns challenge any hints? |
|
2.0 is staging only at the moment?
… On 11. Mar 2018, at 20:53, Eugen Mayer ***@***.***> wrote:
tried on a 18.1.4 with cloudflare / dns challenge
[Sun Mar 11 20:48:52 CET 2018] | Please check log file for more details: /var/log/acme.sh.log
-- | --
[Sun Mar 11 20:48:52 CET 2018] | _on_issue_err
[Sun Mar 11 20:48:52 CET 2018] | Register account Error:
[Sun Mar 11 20:48:52 CET 2018] | Can not connect to https://acme-v02.api.letsencrypt.org/directory to get nonce.
[Sun Mar 11 20:48:52 CET 2018] | ret='6'
[Sun Mar 11 20:48:52 CET 2018] | Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 6
[Sun Mar 11 20:48:52 CET 2018] | _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Sun Mar 11 20:48:52 CET 2018] | timeout=
[Sun Mar 11 20:48:52 CET 2018] | url='https://acme-v02.api.letsencrypt.org/directory'
[Sun Mar 11 20:48:52 CET 2018] | GET
[Sun Mar 11 20:48:52 CET 2018] | payload='{"contact": ["mailto: XXXXXXXXX"], "termsOfServiceAgreed": true}'
[Sun Mar 11 20:48:52 CET 2018] | url
[Sun Mar 11 20:48:52 CET 2018] | Registering account
[Sun Mar 11 20:48:51 CET 2018] | RSA key
[Sun Mar 11 20:48:51 CET 2018] | Can not init api.
[Sun Mar 11 20:48:51 CET 2018] | ret='6'
[Sun Mar 11 20:48:51 CET 2018] | Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 6
[Sun Mar 11 20:48:51 CET 2018] | _CURL='curl -L --silent --dump-header /var/etc/acme-client/home/http.header '
[Sun Mar 11 20:48:51 CET 2018] | timeout=
[Sun Mar 11 20:48:51 CET 2018] | url='https://acme-v02.api.letsencrypt.org/directory'
[Sun Mar 11 20:48:51 CET 2018] | GET
[Sun Mar 11 20:48:51 CET 2018] | _init api for server: https://acme-v02.api.letsencrypt.org/directory
any hints?
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
@fichtner i guess the "?" is a "!" and its a statement, not a question? I am not really sure what you are referring to, you seem to be far deeper into the topic, could you explain? Are you talking about LE Sandbox mode only? Or LE plugin dev build only? |
|
not an expert at all. https://github.com/Neilpang/acme.sh/releases/tag/2.7.6 says "Full support with ACME v2, staging only." and that likely means you cannot create wildcard certificates for real use yet? @fraenki would know better. |
|
@fraenki 2.7.7 is out: https://github.com/Neilpang/acme.sh/releases/tag/2.7.7 -- I'll merge when you give ok. Aiming for Wednesday release of 18.1.5 so that would have to be today for inclusion |
|
here's a test package for amd64: |
|
@fichtner Thanks, I'm going to have a look at 2.7.8 and wildcard support, but I need some more days to get back to work. Sorry for the delays. |
|
@fraenki 2.7.8 is already out. should we ship it? some people use it according to the forum. if there shouldn't be 2.7.8 in 18.1.6 I need to know today... |
|
@fichtner Ship it! I won't be able to test it today, though. |
|
No worries, thanks, will do. :) |
The text was updated successfully, but these errors were encountered: