Bug 63066 - Add support for ACME TLS-ALPN Challenges
Summary: Add support for ACME TLS-ALPN Challenges
Status: NEW
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_http2 (show other bugs)
Version: 2.4.37
Hardware: PC All
: P2 enhancement (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
Depends on:
Reported: 2019-01-07 17:25 UTC by quanah.gibsonmount
Modified: 2019-03-19 10:12 UTC (History)
0 users


Note You need to log in before you can comment on or make changes to this bug.
Description quanah.gibsonmount 2019-01-07 17:25:29 UTC
The mod_md work to support TLS-SNI challenges is no longer useful with Let's Encrypt as that method has been deprecated due to security issues.

The replacement is Acme's TLS-ALPN challenge as described in https://tools.ietf.org/html/draft-ietf-acme-tls-alpn-05

It would be very helpful for Apache HTTPD to support this new challenge type.
Comment 1 Stefan Eissing 2019-01-15 09:34:54 UTC
Totally agree. Note however that his necessitates the support for ACMEv2 where current mod_md only runs against a ACMEv1 endpoint.
Comment 2 Stefan Eissing 2019-03-19 10:12:01 UTC
A very early experience version can be found at the github repository: https://github.com/icing/mod_md

Always looking for testers and feedback.