You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Steffen <in...@apachelounge.com> on 2018/03/18 15:52:45 UTC

mod_md : not possible to use Lets-Encrypt-Win-Simple




A note from admin/user at  
http://www.apachelounge.com/viewtopic.php?p=36619#36619


Asked the reporter to file at bugzilla:

Not sure it is a issue.

A suggestion from me for the official release:

I would not publish the official release with mod_md, but offer the 
two modules (mod_md & mod_ssl) separately for download.

For mod_ssl to work in the vote release, mod_md must also be included 
and mod_md will catch access to the .well-know directory. In other 
words: With the Vote release it's not possible to use 
Lets-Encrypt-Win-Simple (I think).


My response to that:


I think you mean with win-acme client

When it is true what you say then in the Linux world they could maybe 
not use e.g.  their Certbot client either.

I would like to see that a Linux users tries it ?

Re: mod_md : not possible to use Lets-Encrypt-Win-Simple

Posted by Eric Covener <co...@gmail.com>.

On Sun, Mar 18, 2018 at 11:52 AM, Steffen <in...@apachelounge.com> wrote:
> A note from admin/user at
> http://www.apachelounge.com/viewtopic.php?p=36619#36619
>
> Asked the reporter to file at bugzilla:
>
> Not sure it is a issue.
>
> A suggestion from me for the official release:
>
> I would not publish the official release with mod_md, but offer the two
> modules (mod_md & mod_ssl) separately for download.
>
> For mod_ssl to work in the vote release, mod_md must also be included and
> mod_md will catch access to the .well-know directory. In other words: With
> the Vote release it's not possible to use Lets-Encrypt-Win-Simple (I think).
>
>
> My response to that:
>
>
> I think you mean with win-acme client
>
> When it is true what you say then in the Linux world they could maybe not
> use e.g.  their Certbot client either.
>
> I would like to see that a Linux users tries it ?

This is all quite difficult to parse for me.

Is your user saying that loading mod_md blocks some mode of operation
of an external acme client?  By handling request for /.well-known?

I don't think such a thing impacts the release vote or structure
unless it's a regression of using the two things together, and there's
no implication that it is.

After all, mod_md is optional, and its primary role is certificates
via ACME.  I don't see the dilemma, so maybe I am misinterpreting

Spelling out whatever requirement or concern in at the root of this,
in more precise detail, is probably the only way it will move forward.

-- 
Eric Covener
covener@gmail.com