Deactivate default https beaviour: `By default Pebble is accessible over HTTPS-only`
firstdorsal opened this issue · 1 comments
How can you disable https?
Good question. For context, here's where the issue title is quoted from:
https://github.com/letsencrypt/pebble#avoiding-client-https-errors
By default Pebble is accessible over HTTPS-only and uses a test certificate generated using a test CA (See thetest/certs/ directory for more information).
Since the Pebble test CA isn't part of any default CA trust stores you must add the test/certs/pebble.minica.pem certificate to your client's trusted root configuration to avoid HTTPS errors. Your client should offer a runtime option to specify a list of trusted root CAs.
IMPORTANT: Do not add the pebble.minica.pem CA to the system-wide trust store or to any production systems/codebases. The private key for this CA is intentionally made publicly available in this repo.
Looking at the code, Pebble does not offer a way to serve the ACME API over plaintext HTTP, and I suspect that is intentional. So this documentation should probably not say "by default", since there is no setting that would change it.