ACME package update for ACME v2


  • Rebel Alliance Developer Netgate

    ACME package v0.2.1 is available now for users on 2.4.2, 2.3.5, and with the next snapshot runs of 2.4.3 and 2.3.6.

    This is a sizable updated to the ACME package which includes a number of improvements, including:

    • acme.sh updated to support ACME v2
    • Wildcard domain support
        * EXPERIMENTAL!! This requires ACME v2 and ONLY the staging server is online right now. Use for testing only.
    • ACME v2 server URLs added to Account Key options
        * EXPERIMENTAL!! ONLY the staging server is online right now. Use for testing only. Let's Encrypt is launching this service for production use soon, but it has been delayed.
    • E-Mail Address support added to Account Key options
    • Improve key length processing when creating a new certificate ( https://redmine.pfsense.org/issues/8305 ) – Must be a new certificate entry, renewing a certificate will not generate a new private key even if the selected size has changed.
    • Fix DNS-Manual issue/renew action ("call hook error"/no cert imported)
    • Misc other bug fixes

    New Providers:

    • AutoDNS (InternetX)
    • Azure (Microsoft)
    • DreamHost
    • Namesilo
    • Selectel
    • Zonomi

    Providers with updates/bug fixes:

    • Aliyuncs
    • AWS
    • ClouDNS
    • Cloudxns
    • Cloudflare
    • Dnspod.cn
    • GoDaddy
    • Hurricane Electric
    • INWX
    • ISPConfig
    • Luadns
    • NS1
    • OVH
    • Yandex

    The methods I am able to test here all worked fine, but as with any big update there is a potential for regressions. If any setup that was working before has broken in some way, please let me know, and be sure to include log output from the screen and /tmp/acme/<name>/*.log

    If you need help setting up ACME for the first time, please start a separate thread.</name>


Log in to reply