Bug #16556
closed
ACME package unnecessarily references and checks for ACME v2
100%
Description
When configuring a custom ACME server, it is not possible to issue wildcard certificates due to a hardcoded check in the code, even though the ACME service itself supports wildcard certificates.
Relevant code section: https://github.com/pfsense/FreeBSD-ports/blob/f2bd3f8817739bf57d0f37225f434c6537fa7e02/security/pfSense-pkg-acme/files/usr/local/www/acme/acme_certificates_edit.php#L231-L233
If these lines are commented out, wildcard certificates can be issued successfully.
Updated by Jim Pingle 30 days ago
- Subject changed from Unable to issue wildcard certificate ussing custom server to ACME package unnecessarily references and checks for ACME v2
That check could be removed anyway since ACMEv1 has been retired since 2021 and the old server entries were removed long ago. Probably need to look around and make sure there aren't any other outdated references to ACMEv1 vs ACMEv2 while fixing this.
Updated by Marc Sánchez Fauste 29 days ago
Jim Pingle wrote in #note-1:
That check could be removed anyway since ACMEv1 has been retired since 2021 and the old server entries were removed long ago. Probably need to look around and make sure there aren't any other outdated references to ACMEv1 vs ACMEv2 while fixing this.
Fix proposal: https://github.com/pfsense/FreeBSD-ports/pull/1430
Updated by Jim Pingle 20 days ago
- Status changed from New to Waiting on Merge
Internal MR: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/451
Will merge after the 25.11 release.
Updated by Jim Pingle 14 days ago
- Status changed from Waiting on Merge to Closed
- % Done changed from 0 to 100
Merged.