Project

General

Profile

Actions
Copy link

Bug #16556

open

ACME package unnecessarily references and checks for ACME v2

Added by Marc Sánchez Fauste 9 days ago. Updated 2 days ago.

Status:
New
Priority:
Normal
Assignee:
Jim Pingle
Category:
ACME
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
2.8.1
Affected Plus Version:
Affected Architecture:
All

Description

When configuring a custom ACME server, it is not possible to issue wildcard certificates due to a hardcoded check in the code, even though the ACME service itself supports wildcard certificates.

Relevant code section: https://github.com/pfsense/FreeBSD-ports/blob/f2bd3f8817739bf57d0f37225f434c6537fa7e02/security/pfSense-pkg-acme/files/usr/local/www/acme/acme_certificates_edit.php#L231-L233

If these lines are commented out, wildcard certificates can be issued successfully.

Actions
Copy link
 #1

Updated by Jim Pingle 9 days ago

  • Subject changed from Unable to issue wildcard certificate ussing custom server to ACME package unnecessarily references and checks for ACME v2

That check could be removed anyway since ACMEv1 has been retired since 2021 and the old server entries were removed long ago. Probably need to look around and make sure there aren't any other outdated references to ACMEv1 vs ACMEv2 while fixing this.

Actions
Copy link
 #2

Updated by Marc Sánchez Fauste 8 days ago

Jim Pingle wrote in #note-1:

That check could be removed anyway since ACMEv1 has been retired since 2021 and the old server entries were removed long ago. Probably need to look around and make sure there aren't any other outdated references to ACMEv1 vs ACMEv2 while fixing this.

Fix proposal: https://github.com/pfsense/FreeBSD-ports/pull/1430

Actions
Copy link
 #3

Updated by Jim Pingle 2 days ago

  • Assignee set to Jim Pingle
Actions
Copy link

Also available in: Atom PDF