[jboss-jira] [JBoss JIRA] (ELY-1666) Update AcmeClientSpi.changeAccountKey() to no longer send the newKey once the new ACME v2 changes are in production
Darran Lofthouse (JIRA)
issues at jboss.org
Thu Sep 13 11:22:03 EDT 2018
Darran Lofthouse created ELY-1666:
-------------------------------------
Summary: Update AcmeClientSpi.changeAccountKey() to no longer send the newKey once the new ACME v2 changes are in production
Key: ELY-1666
URL: https://issues.jboss.org/browse/ELY-1666
Project: WildFly Elytron
Issue Type: Bug
Components: API / SPI
Reporter: Farah Juma
Assignee: Farah Juma
Fix For: 1.6.1.Final, 1.7.0.CR1
For ELY-1629, {{AcmeClientSpi.changeAccountKey()}} was updated to include both {{newKey}} and {{oldKey}} in the inner payload for the account key change request to prepare for the ACME v2 key rollover [breaking change|https://community.letsencrypt.org/t/acme-v2-draft-13-compliant-key-rollover/68953]. Currently, specifying both works fine since Let's Encrypt's staging server will expect {{oldKey}} and ignore {{newKey}} and Let's Encrypt's production server will expect {{newKey}} and ignore {{oldKey}}. However, once the new ACME v2 key rollover changes are available in Let's Encrypt's production server on Aug. 23rd, we can update this method to only include the {{oldKey}} in the inner payload.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list