upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-03-28 13:24:28 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
haproxy/include
History
Mia Kanashi 418f0c0bbe BUG/MEDIUM: acme: skip doing challenge if it is already valid 
If server returns an auth with status valid it seems that client
needs to always skip it, CA can recycle authorizations, without
this change haproxy fails to obtain certificates in that case.
It is also something that is explicitly allowed and stated
in the dns-persist-01 draft RFC.

Note that it would be better to change how haproxy does status polling,
and implements the state machine, but that will take some thought
and time, this patch is a quick fix of the problem.

See:
https://github.com/letsencrypt/boulder/issues/2125
https://github.com/letsencrypt/pebble/issues/133

This must be backported to 3.2 and later.
2026-03-27 14:41:11 +01:00
..
haproxy BUG/MEDIUM: acme: skip doing challenge if it is already valid 2026-03-27 14:41:11 +01:00
import CLEANUP: assorted typo fixes in the code, commits and doc 2025-12-25 19:45:29 +01:00
make BUILD: makefile: add a qinfo macro to pass info in quiet mode 2025-01-08 11:26:05 +01:00