Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-6893

ACME: Implement dns-01 validation method

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 6.14.0
    • Component/s: None
    • Labels:
      None
    • Epic Link:
    • Sprint:
      EJBCA Sprint 15

      Description

      Draft

      https://tools.ietf.org/html/draft-ietf-acme-acme-12#section-8.4

      Description

      We currently only support http-01. Initially dns-01 was a bit to much initial work, but we have since then added some local competence in making DNS calls when implementing the CAA validator, and the required libs are already in place. 

      Testing

      Non-trivial, but we can (much like we did when testing IODEF for CAA) set up some sample records on our own DNS. Any underlying code should be designed (much like CAA in mind) to be able to be dry tested as easily as possible. 

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              amin Amin Khorsandi
              Reporter:
              mikek Mike Agrenius Kushner
              Verified by:
              Bastian Fredriksson
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 1 week
                  1w
                  Remaining:
                  Time Spent - 4 days, 6 hours Remaining Estimate - 2 hours
                  2h
                  Logged:
                  Time Spent - 4 days, 6 hours Remaining Estimate - 2 hours
                  4d 6h