Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TLS-ALPN-01 Challenge support for ACME #788

Open
t-burch opened this issue Nov 21, 2023 · 1 comment
Open

TLS-ALPN-01 Challenge support for ACME #788

t-burch opened this issue Nov 21, 2023 · 1 comment
Assignees
@t-burch

Comments

@t-burch
Copy link
Collaborator

t-burch commented Nov 21, 2023
edited
Loading

None of the big name ACME implementations support this TLS based challenge type.
(NGiNX, Certbot, Apache, etc.)
So it would be a nice bonus for Membrane as one of the only ACME capable gateways/reverse-proxies with this challenge type.

From Let's Encrypt docs:

This challenge is not suitable for most people. It is best suited to authors of TLS-terminating reverse proxies that want to
perform host-based validation like HTTP-01, but want to do it entirely at the TLS layer in order to separate concerns. Right now
that mainly means large hosting providers, but mainstream web servers like Apache and Nginx could someday implement this
(and Caddy already does).
@t-burch t-burch self-assigned this Nov 29, 2023
@t-burch
Copy link
Collaborator Author

t-burch commented Nov 29, 2023

TLDR; It's like the HTTP Acme challenge but instead you can do it over HTTPS so you don't have to expose a HTTP port

@predic8 predic8 modified the milestone: 5.6.0 May 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@t-burch t-burch

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@predic8 @t-burch