Community
Buypass Company Site
Search
How to enable Javascript
Sign Up
Login
Welcome to the Community!
Search the community
Community
Buypass Company Site
Home
Latest Posts
Re: How to invalidate pending authorizations
Hi @Daniel Sorry for late reply. We have recently introduced a one-week sliding window for pending authorizations. So only pending authorizations during recent 7 days will be taken into account when…
Andriy Mahats
official rep
Andriy_Mahats
1 yr ago
Questions
Answer
Reported - view
Re: Error: "Certificate format requested not supported"
Hi @Andreea Ramstadt This bug was fixed. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
1 yr ago
Questions
Answer
Reported - view
Re: ACME : An unexpected error occurred:
Hi @Daniel Sorry for late reply. It is possible to use the https://tools.ietf.org/html/rfc8555#section-7.5.2 authorization-deactivation feature to deactivate authorization.…
Andriy Mahats
official rep
Andriy_Mahats
1 yr ago
Questions
Answer
Reported - view
Re: RFC8555 section 7.3.1 compliance
Hi @Attila Thanks for reporting this case. We have added it to the bug tracker. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
1 yr ago
1
Questions
Reported - view
Re: How to invalidate pending authorizations
Hi @Dongyeon We are investigating this case. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
1 yr ago
Questions
Reported - view
Re: Error: All authorizations were not finalized by the CA
Hi @ProK Please provide us with more details when you experience such error: like “MDC-correlationId” response header value, which is sent as a response header from our server and also the date/time…
Andriy Mahats
official rep
Andriy_Mahats
1 yr ago
Questions
Reported - view
Re: DNS challenge: authz is pending, challenge processing even after error is present
Hi @Felix Fontein Thanks for providing the details, this made the investigation easier. We have implemented the retrying of challenges https://tools.ietf.org/html/rfc8555#section-8.…
Andriy Mahats
official rep
Andriy_Mahats
1 yr ago
Questions
Answer
Reported - view
Re: Finding existing accounts (by key) and revocation
Hi @Felix Fontein 1. We improved our solution according to the suggested flow and this is available now in our test environment. 2. We do not support revocation requests that are signed with the key…
Andriy Mahats
official rep
Andriy_Mahats
1 yr ago
1
Questions
Answer
Reported - view
Re: Issue while generating certificate from DNS challenge
Hi @ProK Our implementation reuses authorization for a domain while it has not expired. So when the request is made to authorize the domain, the server can send in response to the client previous…
Andriy Mahats
official rep
Andriy_Mahats
1 yr ago
Questions
Answer
Reported - view
Re: Trouble with ACME v1 endpoint
Hi @Felix Fontein The JWS has duplicate keys alg and jwk in protected and unprotected headers. Therefore the jws was rejected by the server. Info from JWS spec: “ For a JWS,…
Andriy Mahats
official rep
Andriy_Mahats
1 yr ago
Questions
Answer
Reported - view
Re: http-01 DCV not working in ACME v2 Test endpoint
Hi @Devarajan We have investigated this case and didn’t find any issues with completing the http-01 validation on 27,28 of August. However we have added more logging to our solution now to help…
Andriy Mahats
official rep
Andriy_Mahats
1 yr ago
Questions
Answer
Reported - view
Re: Do you follow redirect when validate http-01 ?
Hi @chin , @Magnus Our implementation does not follow redirects. Regards, @Andriy Mahats
Andriy Mahats
official rep
Andriy_Mahats
1 yr ago
Questions
Answer
Reported - view
Re: Unable to complete validating domain
Hi @Kim We have investigated this case and found that during the domain validation, the TXT record returned from the validation domain name, did not contain the correct digest value.…
Andriy Mahats
official rep
Andriy_Mahats
1 yr ago
Questions
Answer
Reported - view
Re: Please check and correct the error of DNS-01 challenge validation
Hi @chin We have investigated this case and found that during the domain validation, the TXT records returned from the validation domain name, did not contain the digest value.…
Andriy Mahats
official rep
Andriy_Mahats
1 yr ago
Questions
Answer
Reported - view
Re: Unable to complete validating domain
Hi @Kim Our server requires keyAuthorization to be a part of the request to validate the challenge. However it is not required in the standardized ACME version. We are working on a patch to fix this.…
Andriy Mahats
official rep
Andriy_Mahats
1 yr ago
Questions
Reported - view
Re: ACME v2 production endpoint
Hi @Tor Ø. Stenvaag We haven’t decided on the deploy date for v2 yet. Once we have support for it in production, we will publish information in the Community. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
1 yr ago
Questions
Reported - view
Re: TypeError: 'NoneType' object is not iterable
Hi @Adrian Rose We have fixed possible cause for this error. Please let us know if you still experience an issue. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
2 yrs ago
Questions
Answer
Reported - view
Re: Error: "Certificate format requested not supported"
Hi @Andreea Ramstadt We have identified a bug in content negotiation on the new-cert endpoint and are working to fix this. Alternatively, you can specify "application/pkix-cert" as value of Accept…
Andriy Mahats
official rep
Andriy_Mahats
2 yrs ago
Questions
Official response
Reported - view
Re: cert-manager and Kubernetes
Hi @Hans Flaatten We have released a fix to resolve this issue last week. If you still experience problems, please try to activate “verbose” mode in the client you use – so there might be more…
Andriy Mahats
official rep
Andriy_Mahats
2 yrs ago
Questions
Answer
Reported - view
Re: Error: "Certificate format requested not supported"
Hi @Andreea Ramstadt We have now added more logging to see what might cause the error. Please make request again on that environment. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
2 yrs ago
Questions
Reported - view
Re: TypeError: 'NoneType' object is not iterable
Hi @Adrian Rose We have identified possible cause for this error and are working to resolve this. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
2 yrs ago
Questions
Reported - view
Re: cert-manager and Kubernetes
Hi @Vidar Waagbø This is likely due to the fact that the request to create an account doesn’t contain the termsOfServiceAgreed field. Since we require clients to agree to terms of service,…
Andriy Mahats
official rep
Andriy_Mahats
2 yrs ago
Questions
Official response
Reported - view
Re: TypeError: 'NoneType' object is not iterable
Hi @Adrian Rose We found that there were several requests to authorize the requested domain, most of them were rejected due to CAA. The response should have contained the details for the error too.…
Andriy Mahats
official rep
Andriy_Mahats
2 yrs ago
Questions
Reported - view
Re: Wild Card Certificate Support
Hi @Adrian Rose We have not decided when to release it to production. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
2 yrs ago
Questions
Answer
Reported - view
Re: ACMEv2 production endpoint
Hi @Vidar Waagbø We have not decided when to release it to production. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
2 yrs ago
Questions
Answer
Reported - view
1
2
3
Next
official rep
Andriy Mahats
Andriy_Mahats
61
8
1
Follow
Home
GO SSL ACME
Technical Information
Tips, Tricks and Guides
Discussion
Questions
View all topics
Buypass Official Community
This is the official community of Buypass. A Root CA located in Norway.
Buypass Company Site