Skip to content

Don't hardcode intermediate certificate #65

Description

@zorun

Related to #63 and #64 (ping @sbadia )

It's likely that Let's Encrypt will change its intermediate cert again to switch to ECDSA : https://letsencrypt.org/certificates/
It would be better to avoid hardcoding the intermediate in lecm. In fact, if Let's Encrypt start using several intermediate certs at the same time, lecm would be completely broken.

It should be possible to retrieve the right intermediate in the ACME response, but it's poorly documented. I found this doc which is quite sparse but gives the idea: https://letsencrypt.org/docs/integration-guide/

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions