Disclaimer: Steffen and me got into each others hairs during the development
and testing of mod_md. I often have difficulties understanding what he means.
That led to frustrations on both sides, I suppose.
In the comment below, I find several things factually wrong, so I need to
> Am 19.11.2017 um 16:21 schrieb Steffen <i...@apachelounge.com>:
> It is not really a module, more a configuration/install utility. And
> introducing curl and jansson dependencies.
It does several things and "install" utility cannot do without either living in
the server or parsing/rewriting arbitrary config files. But if you never use
these additional features, other tools might work as well, sure.
> Running mod_md from the beginning and made available at ApacheLounge. It was
> a struggle to get it working for me and others, docu needs more eyes for
> reviews. It works ok, but I do not see that advantage over other utilities
> out there.
You should use the utility that serves you best. If you expect any less than
struggle when using pre-alpha versions in development, you should adjust your
> In January LetsEncrypt is starting with wildcard certs. Maybe worth to wait.
> I know users waiting for that and experience learns that changes at LE can
> trouble mod_md.
This is FUD. The protocol that mod_md talks with LE will not change by the
wildcard introduction. LE is prepared to maintain the current v1 API point
indefinitely, because there are many sites and tools out there that use it.
The bug you probably refer to was the change of the License agreement last
week, mod_md stalled on certificate renewal and gave a proper NOTICE message in
the logs about what went wrong. The bug was fixed by me the next day. A
workaround without the fix is possible by moving aside the existing account
So, had this been released already, we could have provided a workaround at once
(after analysing the problem) and a fix right after. The marking of it as
"experimental" is always a warning that some bumps in the road are to be