github
/
acme4j
mirror of https://github.com/shred/acme4j
1
0
Fork 0
Code Issues Releases Wiki Activity

Enhance CA docs

master
Richard Körber 2025-08-13 20:50:06 +02:00
parent 6692e5bf8e
commit 0c660946d0
No known key found for this signature in database
GPG Key ID: AAB9FD19C78AA3E0
4 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/doc/docs/ca/index.md
View File

@ -21,3 +21,6 @@ More CAs may be supported in future releases of _acme4j_.
Also, CAs can publish provider jar files that plug into _acme4j_ and offer extended support.
## Disclaimer
_acme4j_ is an independent software, and not officially supported or endorsed by any of these CAs. If you have _acme4j_ related issues, please do not ask them for support, but [open an issue here](https://codeberg.org/shred/acme4j/issues).

2
src/doc/docs/ca/letsencrypt.md
View File

@ -9,4 +9,4 @@ Website: [Let's Encrypt](https://letsencrypt.org)
## Note
* Let's Encrypt does not support `Account.getOrders()`. Invocation will throw an `AcmeNotSupportedException`.
* Let's Encrypt does not support `Account.getOrders()`, although it's required by RFC8555. Invocation will throw an `AcmeNotSupportedException`. See [this issue](https://github.com/letsencrypt/boulder/issues/3335) for more information.

4
src/doc/docs/ca/pebble.md
View File

@ -17,11 +17,11 @@ Pebble uses a self-signed certificate for HTTPS connections. The Pebble provider
The Pebble server provides an end-entity certificate for the `localhost` and `pebble` domain.
If your Pebble server can be reached at a different domain (like `pebble.example.com` above), you need to create a correct end-entity certificate on your Pebble server. [See here](https://github.com/letsencrypt/pebble/tree/main/test/certs) for how to use `minica` to create a matching certificate.
If your Pebble server can be reached at a different domain (like `pebble.example.com` above), you need to create a correct end-entity certificate on your Pebble server. [See here](https://github.com/letsencrypt/pebble/tree/main/test/certs) for how to use `minica` to create a matching certificate, and the section below for how to use it in your integration tests.
Otherwise, you will get an `AcmeNetworkException: Network error` that is caused by a `java.io.IOException: No subject alternative DNS name matching [...] found` when trying to access the Pebble server.
If you cannot create a correct end-entity certificate on your Pebble server, you could also disable host name verification on Java side: `-Djdk.internal.httpclient.disableHostnameVerification`
If you cannot create a correct end-entity certificate on your Pebble server, you could also globally disable host name verification on Java side: `-Djdk.internal.httpclient.disableHostnameVerification`
!!! warning
**Disable hostname verification for testing purposes only, never in a production environment!** Create a correct end-entity certificate whenever possible.

2
src/doc/docs/ca/zerossl.md
View File

@ -2,7 +2,7 @@
Website: [ZeroSSL](https://zerossl.com)
Available since acme4j 3.2.0
Available since acme4j 3.2.0. **This provider is experimental!**
## Connection URIs