mirror of
https://github.com/certbot/certbot.git
synced 2026-06-04 06:15:36 -04:00
339d034d6a
Fixes #6755. POSTing the `keyAuthorization` in a JWS token when answering an ACME challenge, has been deprecated for some time now. Indeed, this is superfluous as the request is already authentified by the JWS signature. Boulder still accepts to see this field in the JWS token, and ignore it. Pebble in non strict mode also. But Pebble in strict mode refuses the request, to prepare complete removal of this field in ACME v2. Certbot still sends the `keyAuthorization` field. This PR removes it, and makes Certbot compliant with current ACME v2 protocol, and so Pebble in strict mode. See also [letsencrypt/pebble#192](https://github.com/letsencrypt/pebble/issues/192) for implementation details server side. * New implementation, with a fallback. * Add deprecation on changelog * Update acme/acme/client.py Co-Authored-By: adferrand <adferrand@users.noreply.github.com> * Fix an instance parameter * Update changelog, extend coverage * Update comment * Add unit tests on keyAuthorization dump * Update acme/acme/client.py Co-Authored-By: adferrand <adferrand@users.noreply.github.com> * Restrict the magic of setting a variable in immutable object in one place. Make a soon to be removed method private. |
||
|---|---|---|
| .. | ||
| acme | ||
| docs | ||
| examples | ||
| LICENSE.txt | ||
| MANIFEST.in | ||
| pytest.ini | ||
| README.rst | ||
| readthedocs.org.requirements.txt | ||
| setup.cfg | ||
| setup.py | ||
ACME protocol implementation in Python