Opened 5 days ago

#32964 new task

Redeploy Snowflake bridge with ACMEv2 by 2020-06-01

Reported by: dcf Owned by:
Priority: Medium Milestone:
Component: Circumvention/Snowflake Version:
Severity: Normal Keywords:
Cc: arlolra, cohosh, phw, dcf Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


I got this email today. 2a00:c6c0:0:151:4:8f94:69f5:7c01 is

Most likely, resolving this is just a matter of go get -u to pull an updated

According to our records, the software client you're using to get Let's Encrypt TLS/SSL certificates issued or renewed at least one HTTPS certificate in the past two weeks using the ACMEv1 protocol. Your client's IP address was:


Beginning June 1, 2020, we will stop allowing new domains to validate using the ACMEv1 protocol. You should upgrade to an ACMEv2 compatible client before then, or certificate issuance will fail. For most people, simply upgrading to the latest version of your existing client will suffice. You can view the client list at:

If you're unsure how your certificate is managed, get in touch with the person who installed the certificate for you. If you don't know who to contact, please view the help section in our community forum at and use the search bar to check if there's an existing solution for your question. If there isn't, please create a new topic and fill out the help template.

ACMEv1 API deprecation details can be found in our community forum:

As a reminder: In the future, Let's Encrypt will be performing multiple domain validation requests for each domain name when you issue a certificate. While you're working on migrating to ACMEv2, please check that your system configuration will not block validation requests made by new Let's Encrypt IP addresses, or block multiple matching requests. Per our FAQ (, we don't publish a list of IP addresses we use to validate, and this list may change at any time.

Child Tickets

Change History (0)

Note: See TracTickets for help on using tickets.