tazjin/kubernetes-letsencrypt

Support ACME V2 API and wildcard certificates

Opened this issue · 5 comments

These are coming in January 2018 and it would be cool to have support right away: https://letsencrypt.org/2017/06/14/acme-v2-api.html

Gotta see if the ACME lib will be updated or if this is my problem to deal with!

Update on this:

acme4j has been updated and there is a pending 2.0 release (currently available as a snapshot release), which will be released in stable form before Let's Encrypt launches their V2 service at the end of February.

Wildcard certificate support has been added in that library, too, but I haven't yet investigated which changes to the DNS responders (if any) are required for it.

Production endpoint is available now.
https://community.letsencrypt.org/t/acme-v2-production-environment-wildcards/55578
So probably worth checking?

@joeherwig Yep, it's on the TODO-list. I won't have time before the end of next week though.

If any changes (other than a version bump of the ACME-lib) are required, PRs are welcome!

@tazjin I'd be interested in helping get this off the ground if you could give me some guidance and point me in the right direction of how to get started 👍

@mansona Hey! As far as I know acme4j (the upstream library this project uses for speaking to Let's Encrypt) has been updated with support for wildcard certificates, so the first step is to update the library version used by the controller.

It'll probably become obvious at that point what needs to be done to support wildcard certificates (most likely some changes to how it decides where to create the verification records etc.)
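As an added illustration of the "where to create the verification records" question (this is not code from kubernetes-letsencrypt or acme4j): under RFC 8555, the DNS-01 challenge for `*.example.com` is validated at `_acme-challenge.example.com`, the same name used for `example.com` itself, so a DNS responder has to publish several TXT values at one name. The function names, tokens and thumbprint below are hypothetical and constructed for the example.

```python
import base64
import hashlib
from collections import defaultdict


def b64url(data: bytes) -> str:
    """Base64url without padding, as ACME (RFC 8555) requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def record_name(identifier: str) -> str:
    """DNS-01 record name; a wildcard is validated at its base domain."""
    ident = identifier.lower().rstrip(".")
    if ident.startswith("*."):
        ident = ident[2:]
    # Only a single leading "*." label is a valid wildcard identifier.
    if "*" in ident or not ident:
        raise ValueError(f"unsupported identifier: {identifier!r}")
    return f"_acme-challenge.{ident}"


def record_value(token: str, account_thumbprint: str) -> str:
    """TXT value: base64url(SHA-256(token + '.' + account key thumbprint))."""
    key_authorization = f"{token}.{account_thumbprint}"
    return b64url(hashlib.sha256(key_authorization.encode("ascii")).digest())


def plan_txt_records(challenges, account_thumbprint):
    """Group TXT values by record name for (identifier, token) pairs."""
    plan = defaultdict(set)
    for identifier, token in challenges:
        plan[record_name(identifier)].add(record_value(token, account_thumbprint))
    return {name: sorted(values) for name, values in plan.items()}


# Constructed sample data: tokens and thumbprint are made up for illustration.
SAMPLE_THUMBPRINT = "constructed-thumbprint-not-a-real-key"
SAMPLE_CHALLENGES = [
    ("example.com", "constructed-token-aaaa"),
    ("*.example.com", "constructed-token-bbbb"),
    ("*.svc.example.org", "constructed-token-cccc"),
]

if __name__ == "__main__":
    for name, values in plan_txt_records(SAMPLE_CHALLENGES, SAMPLE_THUMBPRINT).items():
        print(name, values)
```

A responder that overwrites the TXT record per challenge, rather than appending to the record set, fails an order that contains both `example.com` and `*.example.com`.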