1164f441bd
* Client: Do not send a JWS body when POSTing challenges. In legacy ACME there was a requirement to send a JWS body that contained a key authorization as part of all challenge initiation POSTs. Since both the client and server can reconstitute the key authorization there is no need to send it and modern ACME expects challenges to be initiated with a JWS carrying the trivial empty JSON object (`{}`). Some ACME servers (e.g. Pebble in `-strict` mode) will reject all challenge POSTs that have a legacy JWS body. This commit updates the LEGO `acme/client.go`'s `validate` function to send the correct JWS payload for challenge POSTs. |
||
---|---|---|
.. | ||
testdata | ||
challenges.go | ||
client.go | ||
client_test.go | ||
crypto.go | ||
crypto_test.go | ||
dns_challenge.go | ||
dns_challenge_manual.go | ||
dns_challenge_test.go | ||
error.go | ||
http.go | ||
http_challenge.go | ||
http_challenge_server.go | ||
http_challenge_test.go | ||
http_test.go | ||
jws.go | ||
messages.go | ||
provider.go | ||
tls_alpn_challenge.go | ||
tls_alpn_challenge_server.go | ||
tls_alpn_challenge_test.go | ||
utils.go | ||
utils_test.go |