Compatibility with ACME v2 draft-16
A general rework of code has been made to be compatible with the latest ACME draft 16 (v2.0 of acme-dns-tiny was based on draft 9).
First, unit tests now creates one account key by configuration sample, they correctly create and remove temporary files, and they read the
GITLABCI_CONTACT environment variable.
Then, tools created from acme-dns-tiny has been updated too: key rollover has been redesigned completely by the RFC and it has been updated to be compatible with latest acme-dns-tiny style. Style of account deactivation has been updated too.
Finally, acme-dns-tiny itself had a lot of improvements:
- Use standard Python3 doc strings instead of comments
- Simplify returns of the
_send_signed_requestinternal function to take advantage of the
_send_signed_requestis able to launch
POST-as-GETauthenticated requests as defined in recent RFC drafts
- Config file now read the
CertificateFormatkey: it allows you, if needed, to ask for a specific chain file format instead of the default
application/pem-certificate-chainas defined in the RFC.
- Example config file now avoid to define optional keys, it only give documentation
- In the
CNvalue can be anywhere in the
- If the
readyon the ACME server side, acme-dns-tiny doesn't run full process, but just ask the certificate chain.