Bug 63066

Summary: Add support for ACME TLS-ALPN Challenges
Product: Apache httpd-2 Reporter: quanah.gibsonmount
Component: mod_http2Assignee: Apache HTTPD Bugs Mailing List <bugs>
Status: NEW ---    
Severity: enhancement    
Priority: P2    
Version: 2.4.37   
Target Milestone: ---   
Hardware: PC   
OS: All   

Description quanah.gibsonmount 2019-01-07 17:25:29 UTC
The mod_md work to support TLS-SNI challenges is no longer useful with Let's Encrypt as that method has been deprecated due to security issues.

The replacement is Acme's TLS-ALPN challenge as described in https://tools.ietf.org/html/draft-ietf-acme-tls-alpn-05

It would be very helpful for Apache HTTPD to support this new challenge type.
Comment 1 Stefan Eissing 2019-01-15 09:34:54 UTC
Totally agree. Note however that his necessitates the support for ACMEv2 where current mod_md only runs against a ACMEv1 endpoint.
Comment 2 Stefan Eissing 2019-03-19 10:12:01 UTC
A very early experience version can be found at the github repository: https://github.com/icing/mod_md

Always looking for testers and feedback.