Opened 11 months ago

Closed 9 months ago

#24928 closed project (fixed)

Use `Manager.HTTPHandler` (ACME "HTTP-01" challenge) for automatic certificates

Reported by: dcf Owned by: dcf
Priority: Medium Milestone:
Component: Obfuscation/meek Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Let's Encrypt disabled the TLS-SNI challenge, which is the basis of the autocert package that meek-server uses for automatic TLS certificates:

I've informed the public meek-server operators about this and asked that they be ready with manual certificates in the short term.

The autocert package recently added support for the HTTP-01 challenge. It requires the server to listen on port 80.

Further reading:

Child Tickets

Change History (2)

comment:1 Changed 10 months ago by dcf

Similar ticket for Snowflake broker: #25345.

comment:2 Changed 9 months ago by dcf

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.