Skip to content

Implementation of ACME Renewal Info (ARI) - RFC9773 #6433

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 217 commits into
base: ari
Choose a base branch
from
Open

Implementation of ACME Renewal Info (ARI) - RFC9773 #6433

wants to merge 217 commits into from

Conversation

sim0n-v
Copy link

@sim0n-v sim0n-v commented Jul 5, 2025

fraenki and others added 30 commits November 7, 2022 23:43
@fraenki
update documentation for --cert-home
778ee02 
Although the main use-case may be the --install command, this command
also proves to be useful for the --signcsr and --issue commands.
test DNS for v2 (actual)
517baa3
test DNS for v2 (actual) 001
577920d
test DNS for v1 (legacy) 001
73fe47b
test DNS for v1 (legacy) 002
b8949ba
test DNS for v1 (legacy) 003
ada7e12
test DNS for v1 (legacy) 003
2e3c1ef
test DNS for v1 (legacy) 003
8bb29f5
fix del record for v1, delete one entry at a time
7a1305c
set default SL_Ver to v1
177d9b7
set default SL_Ver to v1
d989617
translation of comments into English
a375e92
@vlad-kms
Merge branch 'acmesh-official:master' into master
95b51cf
@vlad-kms
Merge branch 'dev' into master
a42fef0
@vlad-kms
Remove date -d on macOS
5115129
@markkuleinio
Add dnsapi script for HE DDNS
5214a7c
@markkuleinio
Remove dns_he_ddns_rm(), not used
c96fcf3
@markkuleinio
Fix documentation link
abc7629
@markkuleinio
Add shellcheck disable=SC2034 for the info variable
833632e
@vlad-kms
Merge branch 'dev' into master
e8ed8cb
@Attackwave
Create truenas_ws.sh
413a916
@catap
Fix syntax for OpenBSD sh
3b86087
@Attackwave
Merge branch 'acmesh-official:master' into Truenas-Deploy-Websocket
1e52efa
@Attackwave
Update truenas_ws.sh (shfmt and shellcheck)
d7855e8
@Attackwave
Update truenas_ws.sh (added return instead exit)
f2a311b
@Attackwave
Update truenas_ws.sh (fixed shfmt)
9110375
@Attackwave
Update truenas_ws.sh (Interpreter changed from bash to sh)
4424033
@Attackwave
Update truenas_ws.sh (Output new certificate name)
ebaf4c9
@3VAbdAVE
Fix gen1 cloudkey's symlinked keystore
f3b2ab5
@kevinoid
Avoid permissions errors for chown .well-known
22dfedf 
When acme.sh is run as a non-root user different from the owner of the
webroot directory it is unable to change the owner of the files in
.well-known to that user, causing permissions errors.  Avoid this by
making the files world-readable.

These files should pose no disclosure risk since they are sent in
cleartext during the HTTP Identifier Validation Challenge[1] and may
already be exposed by directory enumeration, depending on server
settings.  AFAIK they should be safe to expose as world-readable in all
cases.

1.  https://ietf-wg-acme.github.io/acme/#rfc.section.7.2

Fixes acmesh-official#32
Signed-off-by: Kevin Locke <[email protected]>
Neilpang and others added 27 commits May 24, 2025 14:00
@Neilpang
Merge pull request acmesh-official#6367 from KincaidYang/dev
af5d046 
docs (dns_tencent) : update documentation links
@Neilpang
Merge pull request acmesh-official#6366 from stokito/patch-1
58a7b9f 
DNS API: fix structural info for new providers
@Neilpang
Merge pull request acmesh-official#6355 from ymol-spraaklab/dev
ed1adfd 
Set DNS Record TTL to 60 instead of 300 sec
@Neilpang
Merge pull request acmesh-official#5043 from coderjoe/feature/deploy-…
d420ff0 
…to-zyxel-gs1900-switches

Add deploy/zyxel_gs1900.sh
@schlegel11
Issue 3968: Fix missing api password encoding.
28687ad
@Neilpang
Merge pull request acmesh-official#6352 from ecm75/kemploadmaster
7b76502 
Add deploy script for Kemp Loadmaster
@Neilpang
Merge pull request acmesh-official#6380 from schlegel11/master
3d8b682 
Cloudns provider: Fix missing api password encoding
@diamondo25
Configure 10 second timeout to ACME_DIRECTORY API call
f2b2482
@laDanz
add support for AIX style netstat
242085d
@Neilpang
Merge pull request acmesh-official#6404 from laDanz/master
c338f1a 
add support for AIX style netstat
@Neilpang
Merge pull request acmesh-official#6393 from diamondo25/dev-configure…
21c758c 
…-acme_directory-timeout

Configure 10 second timeout to ACME_DIRECTORY API call
add
4a16aaa
@Neilpang
Merge pull request acmesh-official#6409 from acmesh-official/dev
0f7ecad 
sync
fix for wiki
b025e7f
@Neilpang
Merge pull request acmesh-official#6411 from acmesh-official/dev
d6eca62 
fix for wiki
minor
89071f7
@Neilpang
Merge pull request acmesh-official#6412 from acmesh-official/dev
02cb476 
minor
minor
6966b38
@Neilpang
Merge pull request acmesh-official#6414 from acmesh-official/dev
b64c57f 
minor
wiki
424d33f
@Neilpang
Merge pull request acmesh-official#6416 from acmesh-official/dev
2402f46 
sync
wiki
74fdf64
@Neilpang
Merge pull request acmesh-official#6417 from acmesh-official/dev
52e051b 
wiki
@sim0n-v
detecting support for ARI
3245fe3
@sim0n-v
constructing the ARI CertID
7a7f678
@sim0n-v
enable ARI by default
f8f73d1
@sim0n-v
fix cert_id storage
c1251ed
@github-actions GitHub Actions
Copy link

github-actions bot commented Jul 5, 2025

Welcome
First thing: don't send PR to the master branch, please send to the dev branch instead.
Please make sure you've read our DNS API Dev Guide and DNS-API-Test.
Then reply on this message, otherwise, your code will not be reviewed or merged.
Please also make sure to add/update the usage here: https://github.com/acmesh-official/acme.sh/wiki/dnsapi2
We look forward to reviewing your Pull request shortly ✨
注意: 必须通过了 DNS-API-Test 才会被 review. 无论是修改, 还是新加的 dns api, 都必须确保通过这个测试.

@sim0n-v
Copy link
Author

sim0n-v commented Jul 5, 2025

No DNS API Changes.
Only targets ARI.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.