[GH-ISSUE #186] tls = "letsencrypt" client still use ACMEv1? #79

Closed
opened 2026-03-13 15:42:16 +03:00 by kerem · 6 comments

Originally created by @NiasSt90 on GitHub (Oct 17, 2019).
Original GitHub issue: https://github.com/acme-dns/acme-dns/issues/186

> time="2019-10-17T07:29:13Z" level=info msg="http: TLS handshake error from $IP: 403 urn:acme:error:unauthorized: Account creation on ACMEv1 is disabled. Please upgrade your ACME client to a version that supports ACMEv2 / RFC 8555. See https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430 for details."

the time of ACMEv1 is over...

kerem closed this issue 2026-03-13 15:42:21 +03:00

@joohoi commented on GitHub (Oct 17, 2019):

~~Which version of `acme-dns` are you using at the moment?~~

edit: this is irrelevant


@joohoi commented on GitHub (Oct 17, 2019):

Ok, so this is related to the Golang autocert package. The ACMEv2 was added as default just a few days ago.

I'll do a new release of acme-dns shortly.


@NiasSt90 commented on GitHub (Oct 18, 2019):

ok, thx.
I've struggled into huge problems because of this, because it looks like the acme-dns REST api can't be accessed thru http-only. It always redirects to their own https endpoint (the documentation doesn't mention this) and therefore a ssl-cert is always needed to access the acme-dns rest api.


@joohoi commented on GitHub (Oct 18, 2019):

On the upcoming weekend I'm planning to finish work towards migrating from `autocert` to [certmagic](https://github.com/mholt/certmagic), a few DNS RFC fixes and moving to automated challenge responses using DNS validation. This will fix a wide array of issues along with this one.


@joohoi commented on GitHub (Oct 18, 2019):

> I've struggled into huge problems because of this, because it looks like the acme-dns REST api can't be accessed thru http-only. It always redirects to their own https endpoint (the documentation doesn't mention this) and therefore a ssl-cert is always needed to access the acme-dns rest api.

Acme-dns REST api can be accessed through HTTP, if you set `tls = "none"` in the `config.cfg`


@joohoi commented on GitHub (Oct 20, 2019):

This was implemented in #190 and is included in v0.8 just released!
