You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When you first create and configure and instance and set it to use automatic HTTPS security with Let's Encrypt, when you first run and try and get a new certificate issued you are presented with the following warning in the logs:
2019/12/24 11:15:10 http: TLS handshake error from 192.168.1.203:53822: 403 urn:acme:error:unauthorized: Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555. See https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430 for details.
The log links to the Let's Encrypt community which says they are dropping support for ACMEv1 and browning out the registration service.
Steps to reproduce (if necessary)
Steps to reproduce the behavior:
Download and unzip release
follow confiration, set yourself as secure with automatic certificates
generate keys
start writefreely
visit instance URL
receive TLS Handshake error
SSL no longer works
Expected behavior
The internal Let's Encrypt HTTPS negotiation should be done via ACMEv2
Application configuration
Single mode
Database? [sqlite]
Open registration? [yes]
Federation enabled? [yes]
Version or last commit:
v0.11.2
The text was updated successfully, but these errors were encountered:
This is an error that Gitea also had, and we resolved it by pinning a newer version of golang.org/x/crypto which supports acmev2 (see go-gitea/gitea#9056 as an example PR)
Thanks for the report, @judges119 -- and for the insight, @techknowlogick! If you're interested in contributing that same fix as a PR here, we'll be happy to accept it. Otherwise the team will get to it when we can.
Describe the bug
When you first create and configure and instance and set it to use automatic HTTPS security with Let's Encrypt, when you first run and try and get a new certificate issued you are presented with the following warning in the logs:
The log links to the Let's Encrypt community which says they are dropping support for ACMEv1 and browning out the registration service.
Steps to reproduce (if necessary)
Steps to reproduce the behavior:
Expected behavior
The internal Let's Encrypt HTTPS negotiation should be done via ACMEv2
Application configuration
Version or last commit:
v0.11.2
The text was updated successfully, but these errors were encountered: