forked from TrueCloudLab/lego
1164f441bd
* Client: Do not send a JWS body when POSTing challenges.
In legacy ACME there was a requirement to send a JWS body that contained
a key authorization as part of all challenge initiation POSTs. Since
both the client and server can reconstitute the key authorization there
is no need to send it and modern ACME expects challenges to be initiated
with a JWS carrying the trivial empty JSON object (`{}`). Some ACME
servers (e.g. Pebble in `-strict` mode) will reject all challenge POSTs
that have a legacy JWS body.
This commit updates the LEGO `acme/client.go`'s `validate` function to
send the correct JWS payload for challenge POSTs.
|
||
|---|---|---|
| .. | ||
| testdata | ||
| challenges.go | ||
| client.go | ||
| client_test.go | ||
| crypto.go | ||
| crypto_test.go | ||
| dns_challenge.go | ||
| dns_challenge_manual.go | ||
| dns_challenge_test.go | ||
| error.go | ||
| http.go | ||
| http_challenge.go | ||
| http_challenge_server.go | ||
| http_challenge_test.go | ||
| http_test.go | ||
| jws.go | ||
| messages.go | ||
| provider.go | ||
| tls_alpn_challenge.go | ||
| tls_alpn_challenge_server.go | ||
| tls_alpn_challenge_test.go | ||
| utils.go | ||
| utils_test.go | ||