mirrors/acme4j
1
0
Fork 0
mirror of https://github.com/shred/acme4j.git synced 2025-12-13 11:14:02 +08:00
Code Issues Packages Projects Releases Wiki Activity

Remove Buypass provider

Browse Source 
Reason: Buypass terminates its ACME service
This commit is contained in:
Richard Körber
2025-10-07 14:19:21 +02:00
parent dc7182ca1f
commit 47555b915c
12 changed files with 3 additions and 207 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -20,7 +20,7 @@ This Java client helps to connect to an ACME server, and performing all necessar
* Supports [draft-ietf-acme-dns-account-label-01](https://datatracker.ietf.org/doc/draft-ietf-acme-dns-account-label/) for DNS labeled with ACME account ID challenges (experimental)
* Easy to use Java API
* Requires JRE 17 or higher
* Supports [Actalis](https://www.actalis.com/), [Buypass](https://buypass.com/), [Google Trust Services](https://pki.goog/), [Let's Encrypt](https://letsencrypt.org/), [SSL.com](https://www.ssl.com/), [ZeroSSL](https://zerossl.com/), and **all other CAs that comply with the ACME protocol (RFC 8555)**. Note that _acme4j_ is an independent project that is not supported or endorsed by any of the CAs.
* Supports [Actalis](https://www.actalis.com/), [Google Trust Services](https://pki.goog/), [Let's Encrypt](https://letsencrypt.org/), [SSL.com](https://www.ssl.com/), [ZeroSSL](https://zerossl.com/), and **all other CAs that comply with the ACME protocol (RFC 8555)**. Note that _acme4j_ is an independent project that is not supported or endorsed by any of the CAs.
* Built with maven, packages available at [Maven Central](http://search.maven.org/#search|ga|1|g%3A%22org.shredzone.acme4j%22)
* Extensive unit and integration tests
* Adheres to [Semantic Versioning](https://semver.org/)

1
acme4j-client/src/main/java/module-info.java
View File

@@ -37,7 +37,6 @@ module org.shredzone.acme4j {
provides org.shredzone.acme4j.provider.AcmeProvider
with org.shredzone.acme4j.provider.GenericAcmeProvider,
org.shredzone.acme4j.provider.actalis.ActalisAcmeProvider,
org.shredzone.acme4j.provider.buypass.BuypassAcmeProvider,
org.shredzone.acme4j.provider.google.GoogleAcmeProvider,
org.shredzone.acme4j.provider.letsencrypt.LetsEncryptAcmeProvider,
org.shredzone.acme4j.provider.pebble.PebbleAcmeProvider,

63
acme4j-client/src/main/java/org/shredzone/acme4j/provider/buypass/BuypassAcmeProvider.java
View File

@@ -1,63 +0,0 @@
/*
* acme4j - Java ACME client
*
* Copyright (C) 2024 Richard "Shred" Körber
* http://acme4j.shredzone.org
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
*/
package org.shredzone.acme4j.provider.buypass;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URL;
import org.shredzone.acme4j.exception.AcmeProtocolException;
import org.shredzone.acme4j.provider.AbstractAcmeProvider;
import org.shredzone.acme4j.provider.AcmeProvider;
/**
* An {@link AcmeProvider} for the <em>Buypass</em>.
* <p>
* The {@code serverUri} is {@code "acme://buypass.com"} for the production server,
* and {@code "acme://buypass.com/staging"} for the staging server.
*
* @see <a href="https://www.buypass.com/products/tls-ssl-certificates/go-ssl">https://www.buypass.com/products/tls-ssl-certificates/go-ssl</a>
* @since 3.5.0
*/
public class BuypassAcmeProvider extends AbstractAcmeProvider {
private static final String PRODUCTION_DIRECTORY_URL = "https://api.buypass.com/acme/directory";
private static final String STAGING_DIRECTORY_URL = "https://api.test4.buypass.no/acme/directory";
@Override
public boolean accepts(URI serverUri) {
return "acme".equals(serverUri.getScheme())
&& "buypass.com".equals(serverUri.getHost());
}
@Override
public URL resolve(URI serverUri) {
var path = serverUri.getPath();
String directoryUrl;
if (path == null || path.isEmpty() || "/".equals(path)) {
directoryUrl = PRODUCTION_DIRECTORY_URL;
} else if ("/staging".equals(path)) {
directoryUrl = STAGING_DIRECTORY_URL;
} else {
throw new IllegalArgumentException("Unknown URI " + serverUri);
}
try {
return URI.create(directoryUrl).toURL();
} catch (MalformedURLException ex) {
throw new AcmeProtocolException(directoryUrl, ex);
}
}
}

29
acme4j-client/src/main/java/org/shredzone/acme4j/provider/buypass/package-info.java
View File

@@ -1,29 +0,0 @@
/*
* acme4j - Java ACME client
*
* Copyright (C) 2024 Richard "Shred" Körber
* http://acme4j.shredzone.org
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
*/
/**
* This package contains the {@link org.shredzone.acme4j.provider.AcmeProvider} for+
* Buypass.
*
* @see <a href="https://www.buypass.com/products/tls-ssl-certificates/go-ssl">https://www.buypass.com/products/tls-ssl-certificates/go-ssl</a>
*/
@ReturnValuesAreNonnullByDefault
@DefaultAnnotationForParameters(NonNull.class)
@DefaultAnnotationForFields(NonNull.class)
package org.shredzone.acme4j.provider.buypass;
import edu.umd.cs.findbugs.annotations.DefaultAnnotationForFields;
import edu.umd.cs.findbugs.annotations.DefaultAnnotationForParameters;
import edu.umd.cs.findbugs.annotations.NonNull;
import edu.umd.cs.findbugs.annotations.ReturnValuesAreNonnullByDefault;

3
acme4j-client/src/main/resources/META-INF/services/org.shredzone.acme4j.provider.AcmeProvider
View File

@@ -2,9 +2,6 @@
# Actalis: https://www.actalis.com/
org.shredzone.acme4j.provider.actalis.ActalisAcmeProvider
# Buypass: https://buypass.com/
org.shredzone.acme4j.provider.buypass.BuypassAcmeProvider
# Google Trust Services: https://pki.goog/
org.shredzone.acme4j.provider.google.GoogleAcmeProvider

65
acme4j-client/src/test/java/org/shredzone/acme4j/provider/buypass/BuypassAcmeProviderTest.java
View File

@@ -1,65 +0,0 @@
/*
* acme4j - Java ACME client
*
* Copyright (C) 2024 Richard "Shred" Körber
* http://acme4j.shredzone.org
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
*/
package org.shredzone.acme4j.provider.buypass;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.shredzone.acme4j.toolbox.TestUtils.url;
import java.net.URI;
import java.net.URISyntaxException;
import org.assertj.core.api.AutoCloseableSoftAssertions;
import org.junit.jupiter.api.Test;
/**
* Unit tests for {@link BuypassAcmeProvider}.
*/
public class BuypassAcmeProviderTest {
private static final String PRODUCTION_DIRECTORY_URL = "https://api.buypass.com/acme/directory";
private static final String STAGING_DIRECTORY_URL = "https://api.test4.buypass.no/acme/directory";
/**
* Tests if the provider accepts the correct URIs.
*/
@Test
public void testAccepts() throws URISyntaxException {
var provider = new BuypassAcmeProvider();
try (var softly = new AutoCloseableSoftAssertions()) {
softly.assertThat(provider.accepts(new URI("acme://buypass.com"))).isTrue();
softly.assertThat(provider.accepts(new URI("acme://buypass.com/"))).isTrue();
softly.assertThat(provider.accepts(new URI("acme://buypass.com/staging"))).isTrue();
softly.assertThat(provider.accepts(new URI("acme://example.com"))).isFalse();
softly.assertThat(provider.accepts(new URI("http://example.com/acme"))).isFalse();
softly.assertThat(provider.accepts(new URI("https://example.com/acme"))).isFalse();
}
}
/**
* Test if acme URIs are properly resolved.
*/
@Test
public void testResolve() throws URISyntaxException {
var provider = new BuypassAcmeProvider();
assertThat(provider.resolve(new URI("acme://buypass.com"))).isEqualTo(url(PRODUCTION_DIRECTORY_URL));
assertThat(provider.resolve(new URI("acme://buypass.com/"))).isEqualTo(url(PRODUCTION_DIRECTORY_URL));
assertThat(provider.resolve(new URI("acme://buypass.com/staging"))).isEqualTo(url(STAGING_DIRECTORY_URL));
assertThrows(IllegalArgumentException.class, () -> provider.resolve(new URI("acme://buypass.com/v99")));
}
}

20
acme4j-it/src/test/java/org/shredzone/acme4j/it/ProviderIT.java
View File

@@ -50,26 +50,6 @@ public class ProviderIT {
assertThat(session.resourceUrlOptional(Resource.RENEWAL_INFO)).isNotEmpty();
}
/**
* Test Buypass
*/
@Test
public void testBuypass() throws AcmeException, MalformedURLException {
var session = new Session("acme://buypass.com");
assertThat(session.getMetadata().getWebsite()).hasValue(URI.create("https://buypass.com/").toURL());
assertThatNoException().isThrownBy(() -> session.resourceUrl(Resource.NEW_ACCOUNT));
assertThat(session.getMetadata().isExternalAccountRequired()).isFalse();
assertThat(session.getMetadata().isAutoRenewalEnabled()).isFalse();
assertThat(session.resourceUrlOptional(Resource.RENEWAL_INFO)).isNotEmpty();
var sessionStage = new Session("acme://buypass.com/staging");
assertThat(sessionStage.getMetadata().getWebsite()).hasValue(URI.create("https://buypass.com/").toURL());
assertThatNoException().isThrownBy(() -> sessionStage.resourceUrl(Resource.NEW_ACCOUNT));
assertThat(sessionStage.getMetadata().isExternalAccountRequired()).isFalse();
assertThat(sessionStage.getMetadata().isAutoRenewalEnabled()).isFalse();
assertThat(sessionStage.resourceUrlOptional(Resource.RENEWAL_INFO)).isNotEmpty();
}
/**
* Test Google CA
*/

22
src/doc/docs/ca/buypass.md
View File

@@ -1,22 +0,0 @@
# Buypass
Website: [Buypass](https://buypass.com/)
Available since acme4j 3.5.0
## Connection URIs
* `acme://buypass.com` - Production server
* `acme://buypass.com/staging` - Staging server
## Note
At the time of writing (September 2024), Buypass does not support the `secp384r1` ECDSA key that is generated in the [acme4j example](../example.md). You can fix this by using an RSA key, e.g.:
```java
private static Supplier<KeyPair> ACCOUNT_KEY_SUPPLIER = () -> KeyPairUtils.createKeyPair(4096);
```
## Disclaimer
_acme4j_ is not officially supported or endorsed by Buypass. If you have _acme4j_ related issues, please do not ask them for support, but [open an issue here](https://codeberg.org/shred/acme4j/issues).

1
src/doc/docs/ca/index.md
View File

@@ -10,7 +10,6 @@ _acme4j_ should support any CA that is providing an ACME server.
The _acme4j_ package contains these providers (in alphabetical order):
* [Actalis](actalis.md)
* [Buypass](buypass.md)
* [Google](google.md)
* [Let's Encrypt](letsencrypt.md)
* [Pebble](pebble.md)

2
src/doc/docs/index.md
View File

@@ -24,7 +24,7 @@ Latest version: ![maven central](https://shredzone.org/maven-central/org.shredzo
* Supports [draft-ietf-acme-dns-account-label-01](https://datatracker.ietf.org/doc/draft-ietf-acme-dns-account-label/) for DNS labeled with ACME account ID challenges (experimental)
* Easy to use Java API
* Requires JRE 17 or higher
* Supports [Actalis](https://www.actalis.com/), [Buypass](https://buypass.com/), [Google Trust Services](https://pki.goog/), [Let's Encrypt](https://letsencrypt.org/), [SSL.com](https://www.ssl.com/), [ZeroSSL](https://zerossl.com/), and **all other CAs that comply with the ACME protocol (RFC 8555)**. Note that _acme4j_ is an independent project that is not supported or endorsed by any of the CAs.
* Supports [Actalis](https://www.actalis.com/), [Google Trust Services](https://pki.goog/), [Let's Encrypt](https://letsencrypt.org/), [SSL.com](https://www.ssl.com/), [ZeroSSL](https://zerossl.com/), and **all other CAs that comply with the ACME protocol (RFC 8555)**. Note that _acme4j_ is an independent project that is not supported or endorsed by any of the CAs.
* Built with maven, packages available at [Maven Central](http://search.maven.org/#search|ga|1|g%3A%22org.shredzone.acme4j%22)
* Extensive unit and integration tests
* Adheres to [Semantic Versioning](https://semver.org/)

1
src/doc/docs/migration.md
View File

@@ -8,6 +8,7 @@ This document will help you migrate your code to the latest _acme4j_ version.
- _acme4j_ requires JRE 17 or higher now.
- In order to keep the API consistent, the static method `Dns01Challenge.toRRName()` is replaced with a class method `Dns01Challenge.getRRName()`. So all you have to do is to invoke `challenge.getRRName()` instead of `Dns01Challenge.toRRName()`.
- Default network timeout has been increased from 10 seconds to 30 seconds. If you require short timeouts, you can change the duration in the [network settings](usage/advanced.md#network-settings).
- [**Buypass terminates the issuance of GoSSL certificates.**](https://community.buypass.com/t/y4y130p) Starting October 15, 2025, no new certificates will be issued. On April 15, 2026, their ACME services will be terminated. For this reason, Buypass support has been completely removed from _acme4j_. **If you require _acme4j_ for Buypass services (e.g. for revocation), do not update to this version before April 15, 2026.**
## Migration to Version 3.5.0

1
src/doc/mkdocs.yml
View File

@@ -45,7 +45,6 @@ nav:
- CA:
- 'ca/index.md'
- 'ca/actalis.md'
- 'ca/buypass.md'
- 'ca/google.md'
- 'ca/letsencrypt.md'
- 'ca/pebble.md'