On Mon, Dec 07, 2015 at 11:56:34AM -0800, Noah Kantrowitz wrote: > I wrote up some thoughts that have been brewing in my head for a bit on > making a truly transparent/generic ACME client, would love more eyes on it in > the hopes I've missed an option here: > https://coderanger.net/better-lets-encrypt/ > > --Noah
Honestly, I think it makes more sense to specify a standard location for challenge files on the system (I'm currently using /var/run/acme/acme-challenge) and design your software to serve requests for /.well-known/acme-challenge/ on it. If the location of challenge files is standardised, this alias can become a default for many web servers, frameworks, etc. It's similar to the standard "Alias /cgi-bin/ /usr/lib/cgi-bin/" of yesteryear, though hopefully with less security issues. _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
