Bug #9340
closed
Buypass CA does not support wildcard
100%
Description
The BuyPass server is listed as "acmev2":
BuyPass Production ACME v2 (Applies rate limits to certificate requests)
But their website is stating that wildcard is not supported: https://www.buypass.no/ssl/products/acme
When issuing wildcard cert with the buypass server i get:
A wildcard 'Domainname' is present but the ACME Account key is not registered to an ACME v2 server.
If BuyPass' server is actually acmev2 this error message should be changed to "A wildcard 'Domainname' is present but BuyPass is not supporting wildcard certificate.".
If BuyPass' server is in fact acmev2 the acme_accountkeys.php should be updated accordingly.
Updated by Jim Pingle almost 6 years ago
- Subject changed from buypass error to Buypass CA does not support wildcard
- Assignee set to Jim Pingle
We can remove the "ACME v2" label from Buypass but the error message you quote doesn't appear to come from this package or acme.sh, it may be sent back from the remote server. In that case you'd have to contact Buypass to have them send a more accurate error message.
We could maybe also add input validation to prevent saving the cert entry if a Buypass CA is selected and a wildcard entry is in the SAN list.
Updated by Idar Lund almost 6 years ago
At Let's encrypt:
acme1: https://acme-staging.api.letsencrypt.org/directory
acme2: https://acme-staging-v02.api.letsencrypt.org/directory
The api for BuyPass seems to be acmev1: https://api.buypass.com/acme/directory
So I guess the right thing to do is to rename "BuyPass Production ACME v2 (Applies rate limits to certificate requests)" to "BuyPass Production ACME v1 (Applies rate limits to certificate requests)".