Mailing List Archive | ports@openbsd.org

From:: Evan Silberman <evan@jklol.net>
Subject:: Re: acme-client: add challenge hook to support dns-01
To:: Christopher Zimmermann <chrisz@openbsd.org>
Cc:: Kristaps Dzonsons <kristaps@bsd.lv>, ports@openbsd.org
Date:: Tue, 20 Feb 2024 14:45:26 -0800

Download raw body.

Thread

2024-02-20 21:32 Christopher Zimmermann:
acme-client: add challenge hook to support dns-01
- 2024-02-20 22:45 Evan Silberman:
  acme-client: add challenge hook to support dns-01
- - 2024-02-22 15:50 Christopher Zimmermann:
    acme-client: add challenge hook to support dns-01
- 2024-02-21 08:03 Florian Obser:
  acme-client: add challenge hook to support dns-01


> On Feb 20, 2024, at 1:34 PM, Christopher Zimmermann <chrisz@openbsd.org> wrote:
> 
> Hi,
> 
> this diff adds a challenge hook to acme-client. This hook can be used to fulfill challenges. For example by putting the requested files onto a remote http server (http-01 challenge) or by modifying dns records (dns-01 challenge). The latter are needed to obtain wildcard certificates.
> Is this diff ok? Is the design of the hook interface sane? Any feedback is welcome.

Any example hook included should probably only use tools found in base, so it shouldn’t depend on curl.

2024-02-20 21:32 Christopher Zimmermann:
acme-client: add challenge hook to support dns-01
- 2024-02-20 22:45 Evan Silberman:
  acme-client: add challenge hook to support dns-01
- - 2024-02-22 15:50 Christopher Zimmermann:
    acme-client: add challenge hook to support dns-01
- 2024-02-21 08:03 Florian Obser:
  acme-client: add challenge hook to support dns-01