[jboss-jira] [JBoss JIRA] (ELY-1640) Update AcmeClientSpi.changeAccountKey() to no longer send the newKey once the new ACME v2 changes are in production
Darran Lofthouse (JIRA)
issues at jboss.org
Thu Sep 13 11:17:01 EDT 2018
[ https://issues.jboss.org/browse/ELY-1640?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated ELY-1640:
----------------------------------
Fix Version/s: 1.7.0.CR1
> Update AcmeClientSpi.changeAccountKey() to no longer send the newKey once the new ACME v2 changes are in production
> -------------------------------------------------------------------------------------------------------------------
>
> Key: ELY-1640
> URL: https://issues.jboss.org/browse/ELY-1640
> Project: WildFly Elytron
> Issue Type: Bug
> Components: API / SPI
> Reporter: Farah Juma
> Assignee: Farah Juma
> Fix For: 1.6.1.CR1, 1.7.0.CR1
>
>
> For ELY-1629, {{AcmeClientSpi.changeAccountKey()}} was updated to include both {{newKey}} and {{oldKey}} in the inner payload for the account key change request to prepare for the ACME v2 key rollover [breaking change|https://community.letsencrypt.org/t/acme-v2-draft-13-compliant-key-rollover/68953]. Currently, specifying both works fine since Let's Encrypt's staging server will expect {{oldKey}} and ignore {{newKey}} and Let's Encrypt's production server will expect {{newKey}} and ignore {{oldKey}}. However, once the new ACME v2 key rollover changes are available in Let's Encrypt's production server on Aug. 23rd, we can update this method to only include the {{oldKey}} in the inner payload.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list