From 6cea9b5e95281844d88ed6bf9c2d78e8a29f1065 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Richard=20K=C3=B6rber?= Date: Wed, 26 Sep 2018 20:00:01 +0200 Subject: [PATCH] Support ACME draft 15 --- README.md | 2 +- src/site/markdown/migration.md | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 6caa3987..1a5385e1 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ It is an independent open source implementation that is not affiliated with or e ## Features -* Fully supports the ACME v2 protocol up to [draft 14](https://tools.ietf.org/html/draft-ietf-acme-acme-14) +* Fully supports the ACME v2 protocol up to [draft 15](https://tools.ietf.org/html/draft-ietf-acme-acme-15) * Supports the `http-01`, `dns-01` and `tls-alpn-01` challenges * Supports the [acme-ip draft](https://tools.ietf.org/html/draft-ietf-acme-ip) * Supports the [acme-star draft](https://tools.ietf.org/html/draft-ietf-acme-star) for short-term automatic certificate renewal (experimental) diff --git a/src/site/markdown/migration.md b/src/site/markdown/migration.md index 69d2de72..0477eb4c 100644 --- a/src/site/markdown/migration.md +++ b/src/site/markdown/migration.md @@ -2,6 +2,14 @@ This document will help you migrate your code to the latest _acme4j_ version. +## Migration to Version 2.4 + +- There was a major change in ACME draft 15. If you use _acme4j_ in a common way, it will transparently take care of everything in the background, so you won't even notice the change. + + However, if you connect to a different ACME server than Boulder (Let's Encrypt) or Pebble, you may now get strange errors from the server if it does not support the `POST-as-GET` requests of draft 15 yet. In that case, you can add a `postasget=false` parameter to the ACME server URI (e. g. `"https://localhost:15000/dir?postasget=false"`). Note that this is only a temporary workaround. It will be removed in a future version. Ask the server's CA to add support for ACME draft 15. + +- The `AcmeProvider.connect()` method now gets the ACME server URI as parameter. It allows to add query parameters to the server URI that change the behavior of the resulting connection. If you have implemented your own AcmeProvider, just change the method's signature to `Connection connect(URI serverUri)`, and ignore the parameter value. + ## Migration to Version 2.3 - `Authorization.getDomain()`, `Order.getDomains()` and `Problem.getDomain()` are deprecated now, and will be removed in version 2.4. If you use these methods, use `getIdentifier()` (or `getIdentifiers()`) to get an `Identifier` object, then invoke `Identifier.getDomain()` to get the domain name.