Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-6893

ACME: Implement dns-01 validation method

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 6.14.0
    • Component/s: None
    • Labels:
      None
    • Epic Link:
    • Sprint:
      EJBCA Sprint 15

      Description

      Draft

      https://tools.ietf.org/html/draft-ietf-acme-acme-12#section-8.4

      Description

      We currently only support http-01. Initially dns-01 was a bit to much initial work, but we have since then added some local competence in making DNS calls when implementing the CAA validator, and the required libs are already in place. 

      Testing

      Non-trivial, but we can (much like we did when testing IODEF for CAA) set up some sample records on our own DNS. Any underlying code should be designed (much like CAA in mind) to be able to be dry tested as easily as possible. 

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                amin Amin Khorsandi
                Reporter:
                mikek Mike Agrenius Kushner
                Verified by:
                Bastian Fredriksson
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 1 week
                  1w
                  Remaining:
                  Time Spent - 4 days, 6 hours Remaining Estimate - 2 hours
                  2h
                  Logged:
                  Time Spent - 4 days, 6 hours Remaining Estimate - 2 hours
                  4d 6h