Hello, I'm pleased to announce reference implementations of the dns-persist-01 challenge method specified in draft-sheurich-acme-dns-persist.
Two interoperable implementations are now available: * Server (letsencrypt/pebble): https://github.com/sheurich/pebble/compare/main...sheurich:pebble:dns-persist-01 * Client (eggsampler/acme): https://github.com/sheurich/eggsampler-acme/compare/master...sheurich:eggsampler-acme:dns-persist-01 A fully automated demo script that clones both repositories and demonstrates end-to-end certificate issuance (regular and wildcard) is available at: https://gist.github.com/sheurich/82dc4bc86202497c2d6f5f0c592c2bcb The implementations demonstrate: - TXT record format per RFC 8659 (issuer-domain-name; accounturi=URI[; policy=wildcard]) - Persistent validation records reusable across multiple certificate requests - Wildcard certificate policy enforcement - Optional persistUntil timestamp support These implementations support the current call for adoption of draft-sheurich-acme-dns-persist. Feedback welcome. Best regards, Shiloh Heurich _______________________________________________ Acme mailing list -- [email protected] To unsubscribe send an email to [email protected]
