Skip to main content
Community
How to enable Javascript
Sign Up
Login
Community
Community
Buypass Company Site
Home
Profile
Andriy Mahats
official rep
Andriy_Mahats
Joined
Thu Nov 15 08:54:09 UTC 2018
67
posts
10
likes received
1
followers
Latest Posts
Re: Future features
Hi @chin We plan to implement following of redirects. However, the ETA of it is unknown. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
1
Discussion
Reported - view
Re: Chain/fullchain file contains unexpected characters
Hi @Jozsef Szilagyi Thanks for raising this question and feedback! We have verified our implementation and the chain, as returned from API and didn’t find any divergences from https://tools.ietf.…
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
Questions
Reported - view
Re: v2 new-order failure internal error (with log)
Hi @Jay737 Sorry for late reply. There happened an internal timeout in our system during CAA resolution, which took considerable time (possibly because of lack of configuration on the domain to be…
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
Questions
Reported - view
Re: Buypass not sending CAA violation reports (IODEF)
Hi @Jamie Scaife We do not currently have any plans to send IODEF incident reports as defined in the CAA specification. However, as this could have value for the wider ecosystem,…
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
1
Questions
Answer
Reported - view
Re: Support for IDN Domains
Hi @Georg We haven’t taken the decision yet whether to enable following of redirects during the http challenge validation. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
Questions
Reported - view
Re: RFC8555 section 7.3.1 compliance
Hi @Attila Sorry for late reply. Thanks for reporting. We plan to fix it. However ETA of the fix is currently unknown. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
Questions
Reported - view
Re: How to invalidate pending authorizations
Hi @Daniel Sorry for late reply. We have recently introduced a one-week sliding window for pending authorizations. So only pending authorizations during recent 7 days will be taken into account when…
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
Questions
Answer
Reported - view
Re: Error: "Certificate format requested not supported"
Hi @Andreea Ramstadt This bug was fixed. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
Questions
Answer
Reported - view
Re: ACME : An unexpected error occurred:
Hi @Daniel Sorry for late reply. It is possible to use the https://tools.ietf.org/html/rfc8555#section-7.5.2 authorization-deactivation feature to deactivate authorization.…
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
Questions
Answer
Reported - view
Re: RFC8555 section 7.3.1 compliance
Hi @Attila Thanks for reporting this case. We have added it to the bug tracker. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
1
Questions
Reported - view
Re: How to invalidate pending authorizations
Hi @Dongyeon We are investigating this case. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
Questions
Reported - view
Re: Error: All authorizations were not finalized by the CA
Hi @ProK Please provide us with more details when you experience such error: like “MDC-correlationId” response header value, which is sent as a response header from our server and also the date/time…
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
Questions
Reported - view
Re: DNS challenge: authz is pending, challenge processing even after error is present
Hi @Felix Fontein Thanks for providing the details, this made the investigation easier. We have implemented the retrying of challenges https://tools.ietf.org/html/rfc8555#section-8.…
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
Questions
Answer
Reported - view
Re: Finding existing accounts (by key) and revocation
Hi @Felix Fontein 1. We improved our solution according to the suggested flow and this is available now in our test environment. 2. We do not support revocation requests that are signed with the key…
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
1
Questions
Answer
Reported - view
Re: Issue while generating certificate from DNS challenge
Hi @ProK Our implementation reuses authorization for a domain while it has not expired. So when the request is made to authorize the domain, the server can send in response to the client previous…
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
Questions
Answer
Reported - view
Re: Trouble with ACME v1 endpoint
Hi @Felix Fontein The JWS has duplicate keys alg and jwk in protected and unprotected headers. Therefore the jws was rejected by the server. Info from JWS spec: “ For a JWS,…
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
Questions
Answer
Reported - view
Re: http-01 DCV not working in ACME v2 Test endpoint
Hi @Devarajan We have investigated this case and didn’t find any issues with completing the http-01 validation on 27,28 of August. However we have added more logging to our solution now to help…
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
Questions
Answer
Reported - view
Re: Do you follow redirect when validate http-01 ?
Hi @chin , @Magnus Our implementation does not follow redirects. Regards, @Andriy Mahats
Andriy Mahats
official rep
Andriy_Mahats
5 yrs ago
Questions
Answer
Reported - view
Re: Unable to complete validating domain
Hi @Kim We have investigated this case and found that during the domain validation, the TXT record returned from the validation domain name, did not contain the correct digest value.…
Andriy Mahats
official rep
Andriy_Mahats
6 yrs ago
Questions
Answer
Reported - view
Re: Please check and correct the error of DNS-01 challenge validation
Hi @chin We have investigated this case and found that during the domain validation, the TXT records returned from the validation domain name, did not contain the digest value.…
Andriy Mahats
official rep
Andriy_Mahats
6 yrs ago
Questions
Answer
Reported - view
Re: Unable to complete validating domain
Hi @Kim Our server requires keyAuthorization to be a part of the request to validate the challenge. However it is not required in the standardized ACME version. We are working on a patch to fix this.…
Andriy Mahats
official rep
Andriy_Mahats
6 yrs ago
Questions
Reported - view
Re: ACME v2 production endpoint
Hi @Tor Ø. Stenvaag We haven’t decided on the deploy date for v2 yet. Once we have support for it in production, we will publish information in the Community. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
6 yrs ago
Questions
Reported - view
Re: TypeError: 'NoneType' object is not iterable
Hi @Adrian Rose We have fixed possible cause for this error. Please let us know if you still experience an issue. Regards, Andriy
Andriy Mahats
official rep
Andriy_Mahats
6 yrs ago
Questions
Answer
Reported - view
Re: Error: "Certificate format requested not supported"
Hi @Andreea Ramstadt We have identified a bug in content negotiation on the new-cert endpoint and are working to fix this. Alternatively, you can specify "application/pkix-cert" as value of Accept…
Andriy Mahats
official rep
Andriy_Mahats
6 yrs ago
Questions
Official response
Reported - view
Re: cert-manager and Kubernetes
Hi @Hans Flaatten We have released a fix to resolve this issue last week. If you still experience problems, please try to activate “verbose” mode in the client you use – so there might be more…
Andriy Mahats
official rep
Andriy_Mahats
6 yrs ago
Questions
Answer
Reported - view
1
2
3
Home
GO SSL ACME
Technical Information
Tips, Tricks and Guides
Discussion
Questions
View all topics
Buypass Company Site