Comments (3)
AcmeJsonResource#update
will still update the status even if the AcmeRetryAfterException
is thrown. So actually it's correct to check getStatus()
first, and ignore the exception if the status has reached valid
or invalid
. I rather think it's a bit strange from ZeroSSL to send a Retry-After
header even if the resource has reached a terminal state.
Anyway, I am currently working on a new release that will help you in many aspects.
- It will support ZeroSSL out of the box.
- The example has been changed to correctly handle the Retry-After header.
- The whole
AcmeRetryAfterException
mechanism is a legacy from acme4j v2 that can be handled more elegantly now.
The new version is almost completed and should be released in the next couple of days.
from acme4j.
Thank you for the information.
I rather think it's a bit strange from ZeroSSL
I was not sure if this is a valid response or, as you said, a strange one. I had another look at the RFC and it only mentions "Retry-After" in combination with the "processing" state. So I notified ZeroSSL regarding this, let's see what they say.
It will support ZeroSSL out of the box.
What exactly do you mean with that?
Other then this unexpeced behavior we had no real problems with ZeroSSL in combination with this library.
Thanks
from acme4j.
I rather think it's a bit strange from ZeroSSL
I was not sure if this is a valid response or, as you said, a strange one. I had another look at the RFC and it only mentions "Retry-After" in combination with the "processing" state. So I notified ZeroSSL regarding this, let's see what they say.
Technically it's possible IMHO. However, what is the purpose to say: "the resource is finally valid, but ask again in 30 seconds"? π
It will support ZeroSSL out of the box.
What exactly do you mean with that?
There will be an acme://zerossl.com
URI instead of https:...
.
Other then this unexpeced behavior we had no real problems with ZeroSSL in combination with this library.
Thank you! That's good to know.
As I said, in the next version the Retry-After handling will be much easier.
from acme4j.
Related Issues (20)
- Did you find any provider for RFC8823 support / email-reply-00 challenges? HOT 4
- The challenge status is always "INVALID" HOT 5
- The challenge status was always "INVALID" HOT 13
- http://${domain}/.well-known/acme-challenge/${token}
- acme4j example is creating zero- length crt files HOT 10
- preferred-chain attribute, for alternate chains HOT 2
- Can only parse traditional files HOT 2
- EAB HMAC keys with arbitrary lengths HOT 5
- CVE-2023-33201 from Bouncy Castle HOT 8
- add utils to do pre validation or help
- How to check if certificate needs renewal without ordering a new one? HOT 8
- Is there a way to keep txt unchanged and verify twiceοΌ HOT 2
- New account registration HOT 1
- Bouncy Castel dependency? HOT 9
- Allow to pass query parameters in directory URL HOT 2
- Provide example showing how to save and load existing certificates HOT 2
- Abstract away certificate renewal HOT 6
- response is not reading correctly HOT 3
- Java 22 Support HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from acme4j.