glatzert / acme-server-adcs Goto Github PK
View Code? Open in Web Editor NEWACME (RFC 8555) Server compatible implementation, connecting to Active Directory Certificate Services (ADCS)
License: Other
ACME (RFC 8555) Server compatible implementation, connecting to Active Directory Certificate Services (ADCS)
License: Other
From the readme:
"Install the LTS Version of .NET. You'll need the hosting bundle from the .NET Runtime section."
Problem:
The current LTS Version is 8.0.0 and it looks like the application requires .NET 6 LTS..
First of all, I'd like to thank you for your work, this application is amazing!
I made a PoC integration with your application for one of my clients: I wanted to integrate it with cert-manager (https://cert-manager.io/). If you are not familiar with it, it can request and renew certificates in a Kubernetes environment with ACME protocol.
I was able to integrate it with your application, but when I wanted to request a new certificate, I found in the IIS logs, that the app throws a NotImplemented exception for the Account endpoints. I'm not familiar with the implementation details of ACME protocol (I don't know that these endpoints are neccessary or not), but I would like to ask: will you implement these endpoints as well in the future?
Thanks for your answer in advance
Hello,
After I install and configure ACME-Server-ADCS I get this error in the logs and I don't know where does that come from.... Can someone have this error and help resolve it ?
Thanks by advance !
Add support for ES384 and ES512 algorithms.
Hello @glatzert ! Thanks for the great work!
I've tried this project today and it seems like I manage to get it going, but when downloading the certificate as at last stage ("POST /order/B-GwLBdUqUGIoHSntp-1Qw/certificate) , certificate chain is not in PEM format. I don't have that much experience with Microsoft/c#. Am I missing something ?
The content type is set right "Content-Type: application/pem-certificate-chain"
I believe, that where the conversion should happen: https://github.com/glatzert/ACME-Server-ACDS/blob/862a12fd95a0c68f818844cfccb19ec5620f0aed/src/ACME.CertProvider.ACDS/CertificateIssuer.cs#L36
I'm using certbot as a test client.
https://ietf-wg-acme.github.io/acme/draft-ietf-acme-acme.html#rfc.section.9.1
Thank you in advance
Some proposals for the README
or you want a maintenance contract, feel free to contact me and we most likely will find a way.
you should add a contact here (mail?)
Grant full rights to the account used above
Why full permissions? Read/Write is not enough?
"Modify the IIS-AppPool, to not use .NET Framework (new .NET is loaded via another mechanism) and set it's identity to either a custom account (recommended) or "NetworkService"."
The recommended account type should be a managed service account.
And any type of custom account will need the permission "Log on as a batch job"
Hi,
I'm running ACME-Server-ADCS v1.3beta for a couple of months now. However since a couple of day I get the following error when renewing a certificate via win-acme client. This certificate has been renewed a 3-4 times successfully before, but now it comes with this error. Not sure yet where to look for a solution.
The eventlog shows the following:
Category: TGIT.ACME.Protocol.IssuanceServices.ADCS.CsrValidator
EventId: 0
SpanId: 4f8c2da89a5bfffa
TraceId: 970b2936470d66ba5139c64cf68e11df
ParentId: 0000000000000000
RequestId: 80000034-0000-f300-b63f-84710c7967bb
RequestPath: /order/Kd6P3KmC70mDSzUvx-wW_Q/finalize
ActionId: 9b73504d-7647-4590-8172-5af40a4e0ebc
ActionName: TGIT.ACME.Server.Controllers.OrderController.FinalizeOrder (TGIT.ACME.Server.Core)
Validation of CSR failed with exception.
Exception:
System.Runtime.InteropServices.COMException (0x80093102): CertEnroll::CX509CertificateRequestPkcs10::InitializeDecode: ASN1 unexpected end of data. 0x80093102 (ASN: 258 CRYPT_E_ASN1_EOD)
at CERTENROLLLib.CX509CertificateRequestPkcs10Class.InitializeDecode(String strEncodedData, EncodingType Encoding)
at TGIT.ACME.Protocol.IssuanceServices.ADCS.CsrValidator.ValidateCsrAsync(Order order, String csr, CancellationToken cancellationToken) in E:\Dev\ACME-Server-ADCS\src\ACME.CertProvider.ADCS\CsrValidator.cs:line 30
And the log for the most recent renewal:
20231026.json
Any suggestions what could be the cause?
Between the last succesful renewal and now the server has been rebooted and patches to latest Windows service packs. These are the only "relevant" changes I can think of right now.
Peter
Where could we buy a commercial license and what price range should we expect?
I was testing with acme.sh and noticed there is an error caused by acmesh-official/acme.sh#1335, acmesh-official/acme.sh@f8ca6d9.
Due to acme.sh adding the extendedKeyUsage
extension to the automatically generated CSR, the CsrValidator.cs SubjectAlternateNamesAreValid
function returns false since x509Ext.ObjectId.Name
is now equal to XCN_OID_ENHANCED_KEY_USAGE
first.
Removing extendedKeyUsage=serverAuth,clientAuth
from the acme.sh script (part that generates the CSR file) fixes the issue. Not sure if this needs to be addressed here or with acme.sh.
[Thu 06 Apr 2023 04:50:20 AM UTC] Sign error, wrong status
[Thu 06 Apr 2023 04:50:20 AM UTC] {"status":"invalid","identifiers":[{"type":"dns","value":"test.example.local"}],"error":{"type":"urn:ietf:params:acme:error:badCSR","detail":"SAN Invalid."},"authorizations":["https://caissueadcs.example.local/order/RqaBOEM7pUG0wnxYNc_INg/auth/Cpi4l4UtRkCiiJaoTd5nFA"],"finalize":"https://acme.example.local/order/RqaBOEM7pUG0wnxYNc_INg/finalize"}
Hello,
I want to set up Server ACDS for ACME for my server Windows 2019 but, i did not understand how to set it up with the instructions on the forum.
Do you have any documentation, or installation instruction that can help me ? Thank you
Best regards,
Kamel
Firstly thanks for making this tool available, awesome work!
I've followed the installation instructions and I'm able to request a working SSL certificate from an MS CA, but even though the certificate appears as valid, the subject value is empty while the subject alternative name is populated. I'm trying to populate both values with the same hostname.
I've tried different value combinations at the json config level and tried passing multiple values through certbot without success - it either fails or works but is still missing the subject value.
I'm sure this is a simple problem that I shouldn't need to ask for assistance on, but if you could spare a moment to share your knowledge, I'd really appreciate it.
Hi
I've successfully installed everything as per the instructions and it was initially working fine until I encountered a minor issue which necessitated the installation of .NET 6. This might be an important detail worth mentioning in the installation guide.
For my test, I aim to ensure that any server joining the domain or already a domain member automatically receives a certificate from ADCS via the ACME server. My configuration follows the guidelines provided, including a supplementary guide from StarWind Software on server certificate auto-enrollment (https://www.starwindsoftware.com/blog/server-certificate-auto-enrollment).
However, I suspect the problem might be because I've only installed the ADCS-Cert-Authority role without the ADCS-Enroll-* roles. Is it possible to integrate autoenrollment with this ACME project, and if so, how can it be achieved?
When setting up the ACME server on my home lab windows server 2019 it failed, because there was no working directory although I'd already created it.
Please excuse my complaint, but it is very annoying when troubleshooting and not being sure about using ACDS or ADCS,
For example in your readme you want me to create a folder named "ACME-ACDS" for the working directory, but in the config file the value is set to "C:\ACME-ADCS". Obviously that doesn't work that way, because there is no working directory named like that, which was exactly my error. This fault even exists in your repos title. Please fix that, because it makes live a lot harder in many ways.
Hello,
When I try using a custom csr to generate a certificate I got this error. I have looking in the code to see what's my error and I saw that in my CSR all the subject data have a space. Exemple : I have CN = mydomain.local.
Can this be fixed or am i doing something wrong ?
Thanks for your response.
Hey,
i try to get the certificates with traefik and its acme provider. They have a hardcoded 30 sec timeout.
My installation take between 40 and 60 sec. to successfully rollout a Certificate.
Is this time "normal" or should i debug my Infrastructure. And if yes on which parts should is look? Webserver for ACME service or the Issueing CA? The Server are all on the same Switch, so also no Delay on the Wire.
I am testing ACME-ADCS, for use with https://developer.apple.com/documentation/devicemanagement/acmecertificate
Apple requires that the ACME server uses HTTPS.
When I deployed the ACME-ADCS server, http://server/ works fine, and displays the service description.
Whereas, https://server/ gives "site cannot be reached" (a valid and trusted TLS certificate has already been bound to port 443 at IIS)
Is there some other setting that controls the behavior/support of HTTPS?
Hi there.
I use this acme server in my homelab environment and just stumbled across a problem with acme.sh. But see for yourself:
[Sun Dec 18 11:40:55 CET 2022] Lets find script dir.
[Sun Dec 18 11:40:55 CET 2022] _SCRIPT_='/root/.acme.sh/acme.sh'
[Sun Dec 18 11:40:55 CET 2022] _script='/root/.acme.sh/acme.sh'
[Sun Dec 18 11:40:55 CET 2022] _script_home='/root/.acme.sh'
[Sun Dec 18 11:40:55 CET 2022] Using config home:/root/.acme.sh
https://github.com/acmesh-official/acme.sh
v3.0.5
[Sun Dec 18 11:40:55 CET 2022] Using server: acme.loens2.com
[Sun Dec 18 11:40:55 CET 2022] Running cmd: issue
[Sun Dec 18 11:40:55 CET 2022] _main_domain='test.test'
[Sun Dec 18 11:40:55 CET 2022] _alt_domains='no'
[Sun Dec 18 11:40:55 CET 2022] Using config home:/root/.acme.sh
[Sun Dec 18 11:40:55 CET 2022] ACME_DIRECTORY='acme.loens2.com'
[Sun Dec 18 11:40:55 CET 2022] DOMAIN_PATH='/root/.acme.sh/test.test'
[Sun Dec 18 11:40:55 CET 2022] Le_NextRenewTime
[Sun Dec 18 11:40:55 CET 2022] Using ACME_DIRECTORY: acme.loens2.com
[Sun Dec 18 11:40:55 CET 2022] _init api for server: acme.loens2.com
[Sun Dec 18 11:40:55 CET 2022] GET
[Sun Dec 18 11:40:55 CET 2022] url='acme.loens2.com'
[Sun Dec 18 11:40:55 CET 2022] timeout=
[Sun Dec 18 11:40:55 CET 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '
[Sun Dec 18 11:40:55 CET 2022] ret='0'
[Sun Dec 18 11:40:55 CET 2022] ACME_KEY_CHANGE
[Sun Dec 18 11:40:55 CET 2022] ACME_NEW_AUTHZ
[Sun Dec 18 11:40:55 CET 2022] ACME_NEW_ORDER='http://acme.loens2.com/new-order'
[Sun Dec 18 11:40:55 CET 2022] ACME_NEW_ACCOUNT='http://acme.loens2.com/new-account'
[Sun Dec 18 11:40:55 CET 2022] ACME_REVOKE_CERT
[Sun Dec 18 11:40:55 CET 2022] ACME_AGREEMENT
[Sun Dec 18 11:40:55 CET 2022] ACME_NEW_NONCE='http://acme.loens2.com/new-nonce'
[Sun Dec 18 11:40:55 CET 2022] Using CA: acme.loens2.com
[Sun Dec 18 11:40:55 CET 2022] _on_before_issue
[Sun Dec 18 11:40:55 CET 2022] _chk_main_domain='test.test'
[Sun Dec 18 11:40:55 CET 2022] _chk_alt_domains
[Sun Dec 18 11:40:55 CET 2022] Le_LocalAddress
[Sun Dec 18 11:40:55 CET 2022] d='test.test'
[Sun Dec 18 11:40:55 CET 2022] Check for domain='test.test'
[Sun Dec 18 11:40:55 CET 2022] _currentRoot='no'
[Sun Dec 18 11:40:55 CET 2022] Standalone mode.
[Sun Dec 18 11:40:55 CET 2022] _checkport='80'
[Sun Dec 18 11:40:55 CET 2022] _checkaddr
[Sun Dec 18 11:40:55 CET 2022] Using: ss
[Sun Dec 18 11:40:55 CET 2022] d
[Sun Dec 18 11:40:55 CET 2022] _saved_account_key_hash is not changed, skip register account.
[Sun Dec 18 11:40:55 CET 2022] Read key length:2048
[Sun Dec 18 11:40:55 CET 2022] _createcsr
[Sun Dec 18 11:40:55 CET 2022] Single domain='test.test'
[Sun Dec 18 11:40:55 CET 2022] Getting domain auth token for each domain
[Sun Dec 18 11:40:55 CET 2022] d
[Sun Dec 18 11:40:55 CET 2022] url='http://acme.loens2.com/new-order'
[Sun Dec 18 11:40:55 CET 2022] payload='{"identifiers": [{"type":"dns","value":"test.test"}]}'
[Sun Dec 18 11:40:55 CET 2022] RSA key
[Sun Dec 18 11:40:55 CET 2022] HEAD
[Sun Dec 18 11:40:55 CET 2022] _post_url='http://acme.loens2.com/new-nonce'
[Sun Dec 18 11:40:55 CET 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g -I '
[Sun Dec 18 11:40:55 CET 2022] _ret='0'
[Sun Dec 18 11:40:55 CET 2022] POST
[Sun Dec 18 11:40:55 CET 2022] _post_url='http://acme.loens2.com/new-order'
[Sun Dec 18 11:40:55 CET 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '
[Sun Dec 18 11:40:55 CET 2022] _ret='0'
[Sun Dec 18 11:40:55 CET 2022] code='201'
[Sun Dec 18 11:40:55 CET 2022] Le_LinkOrder='http://acme.loens2.com/order/PmGuXwClD0in8liQDZEOIw'
[Sun Dec 18 11:40:55 CET 2022] Le_OrderFinalize='http://acme.loens2.com/order/PmGuXwClD0in8liQDZEOIw/finalize'
[Sun Dec 18 11:40:55 CET 2022] url='http://acme.loens2.com/order/PmGuXwClD0in8liQDZEOIw/auth/fySczzPIu0-0CYhhPQIL8g'
[Sun Dec 18 11:40:55 CET 2022] payload
[Sun Dec 18 11:40:55 CET 2022] POST
[Sun Dec 18 11:40:55 CET 2022] _post_url='http://acme.loens2.com/order/PmGuXwClD0in8liQDZEOIw/auth/fySczzPIu0-0CYhhPQIL8g'
[Sun Dec 18 11:40:55 CET 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '
[Sun Dec 18 11:40:55 CET 2022] _ret='0'
[Sun Dec 18 11:40:55 CET 2022] code='200'
[Sun Dec 18 11:40:55 CET 2022] d='test.test'
[Sun Dec 18 11:40:55 CET 2022] Getting webroot for domain='test.test'
[Sun Dec 18 11:40:55 CET 2022] _w='no'
[Sun Dec 18 11:40:55 CET 2022] _currentRoot='no'
[Sun Dec 18 11:40:55 CET 2022] entry='"type":"http-01","token":"pAFAKLCP1mfmrWg9JUdctnLu2GDrbLYRJXJ177bk21csnz-JCNb8Qs8R3lmeveOd","status":"pending","url":"http://acme.loens2.com/order/PmGuXwClD0in8liQDZEOIw/auth/fySczzPIu0-0CYhhPQIL8g/chall/lR9H5m5zO0-Rvar-iuiigQ"'
[Sun Dec 18 11:40:55 CET 2022] token='pAFAKLCP1mfmrWg9JUdctnLu2GDrbLYRJXJ177bk21csnz-JCNb8Qs8R3lmeveOd'
[Sun Dec 18 11:40:55 CET 2022] uri='http://acme.loens2.com/order/PmGuXwClD0in8liQDZEOIw/auth/fySczzPIu0-0CYhhPQIL8g/chall/lR9H5m5zO0-Rvar-iuiigQ'
[Sun Dec 18 11:40:55 CET 2022] keyauthorization='pAFAKLCP1mfmrWg9JUdctnLu2GDrbLYRJXJ177bk21csnz-JCNb8Qs8R3lmeveOd.FG6-J0vpiqAyTkYO7NB7Hhr0CnFoCwaSgeqE5u9EasU'
[Sun Dec 18 11:40:55 CET 2022] dvlist='test.test#pAFAKLCP1mfmrWg9JUdctnLu2GDrbLYRJXJ177bk21csnz-JCNb8Qs8R3lmeveOd.FG6-J0vpiqAyTkYO7NB7Hhr0CnFoCwaSgeqE5u9EasU#http://acme.loens2.com/order/PmGuXwClD0in8liQDZEOIw/auth/fySczzPIu0-0CYhhPQIL8g/chall/lR9H5m5zO0-Rvar-iuiigQ#http-01#no'
[Sun Dec 18 11:40:55 CET 2022] d
[Sun Dec 18 11:40:55 CET 2022] vlist='test.test#pAFAKLCP1mfmrWg9JUdctnLu2GDrbLYRJXJ177bk21csnz-JCNb8Qs8R3lmeveOd.FG6-J0vpiqAyTkYO7NB7Hhr0CnFoCwaSgeqE5u9EasU#http://acme.loens2.com/order/PmGuXwClD0in8liQDZEOIw/auth/fySczzPIu0-0CYhhPQIL8g/chall/lR9H5m5zO0-Rvar-iuiigQ#http-01#no,'
[Sun Dec 18 11:40:55 CET 2022] d='test.test'
[Sun Dec 18 11:40:55 CET 2022] ok, let's start to verify
[Sun Dec 18 11:40:55 CET 2022] Verifying: test.test
[Sun Dec 18 11:40:55 CET 2022] d='test.test'
[Sun Dec 18 11:40:55 CET 2022] keyauthorization='pAFAKLCP1mfmrWg9JUdctnLu2GDrbLYRJXJ177bk21csnz-JCNb8Qs8R3lmeveOd.FG6-J0vpiqAyTkYO7NB7Hhr0CnFoCwaSgeqE5u9EasU'
[Sun Dec 18 11:40:55 CET 2022] uri='http://acme.loens2.com/order/PmGuXwClD0in8liQDZEOIw/auth/fySczzPIu0-0CYhhPQIL8g/chall/lR9H5m5zO0-Rvar-iuiigQ'
[Sun Dec 18 11:40:55 CET 2022] _currentRoot='no'
[Sun Dec 18 11:40:55 CET 2022] Standalone mode server
[Sun Dec 18 11:40:55 CET 2022] content='pAFAKLCP1mfmrWg9JUdctnLu2GDrbLYRJXJ177bk21csnz-JCNb8Qs8R3lmeveOd.FG6-J0vpiqAyTkYO7NB7Hhr0CnFoCwaSgeqE5u9EasU'
[Sun Dec 18 11:40:55 CET 2022] ncaddr
[Sun Dec 18 11:40:55 CET 2022] startserver: 2170
[Sun Dec 18 11:40:55 CET 2022] Le_HTTPPort='80'
[Sun Dec 18 11:40:55 CET 2022] Le_Listen_V4
[Sun Dec 18 11:40:55 CET 2022] Le_Listen_V6
[Sun Dec 18 11:40:55 CET 2022] _content_len='108'
[Sun Dec 18 11:40:55 CET 2022] _NC='socat TCP-LISTEN:80,crlf,reuseaddr,fork'
[Sun Dec 18 11:40:56 CET 2022] serverproc='3064'
[Sun Dec 18 11:40:56 CET 2022] url='http://acme.loens2.com/order/PmGuXwClD0in8liQDZEOIw/auth/fySczzPIu0-0CYhhPQIL8g/chall/lR9H5m5zO0-Rvar-iuiigQ'
[Sun Dec 18 11:40:56 CET 2022] payload='{}'
[Sun Dec 18 11:40:56 CET 2022] POST
[Sun Dec 18 11:40:56 CET 2022] _post_url='http://acme.loens2.com/order/PmGuXwClD0in8liQDZEOIw/auth/fySczzPIu0-0CYhhPQIL8g/chall/lR9H5m5zO0-Rvar-iuiigQ'
[Sun Dec 18 11:40:56 CET 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '
[Sun Dec 18 11:40:56 CET 2022] _ret='0'
[Sun Dec 18 11:40:56 CET 2022] code='200'
[Sun Dec 18 11:40:56 CET 2022] trigger validation code: 200
[Sun Dec 18 11:40:56 CET 2022] Processing, The CA is processing your order, please just wait. (1/30)
[Sun Dec 18 11:40:56 CET 2022] sleep 2 secs to verify again
[Sun Dec 18 11:40:59 CET 2022] checking
[Sun Dec 18 11:40:59 CET 2022] url='http://acme.loens2.com/order/PmGuXwClD0in8liQDZEOIw/auth/fySczzPIu0-0CYhhPQIL8g/chall/lR9H5m5zO0-Rvar-iuiigQ'
[Sun Dec 18 11:40:59 CET 2022] payload
[Sun Dec 18 11:40:59 CET 2022] POST
[Sun Dec 18 11:40:59 CET 2022] _post_url='http://acme.loens2.com/order/PmGuXwClD0in8liQDZEOIw/auth/fySczzPIu0-0CYhhPQIL8g/chall/lR9H5m5zO0-Rvar-iuiigQ'
[Sun Dec 18 11:40:59 CET 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '
[Sun Dec 18 11:40:59 CET 2022] _ret='0'
[Sun Dec 18 11:40:59 CET 2022] code='409'
[Sun Dec 18 11:40:59 CET 2022] test.test:Verify error:{"type":"urn:ietf:params:acme:error:malformed","detail":"The order used in this request did not have the expected status 'Pending' but had 'Ready'."}
[Sun Dec 18 11:40:59 CET 2022] Skip for removelevel:
[Sun Dec 18 11:40:59 CET 2022] pid='3064'
[Sun Dec 18 11:40:59 CET 2022] No need to restore nginx, skip.
[Sun Dec 18 11:40:59 CET 2022] _clearupdns
[Sun Dec 18 11:40:59 CET 2022] dns_entries
[Sun Dec 18 11:40:59 CET 2022] skip dns.
[Sun Dec 18 11:40:59 CET 2022] _on_issue_err
[Sun Dec 18 11:40:59 CET 2022] Please add '--debug' or '--log' to check more details.
[Sun Dec 18 11:40:59 CET 2022] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
[Sun Dec 18 11:40:59 CET 2022] url='http://acme.loens2.com/order/PmGuXwClD0in8liQDZEOIw/auth/fySczzPIu0-0CYhhPQIL8g/chall/lR9H5m5zO0-Rvar-iuiigQ'
[Sun Dec 18 11:40:59 CET 2022] payload='{}'
[Sun Dec 18 11:40:59 CET 2022] POST
[Sun Dec 18 11:40:59 CET 2022] _post_url='http://acme.loens2.com/order/PmGuXwClD0in8liQDZEOIw/auth/fySczzPIu0-0CYhhPQIL8g/chall/lR9H5m5zO0-Rvar-iuiigQ'
[Sun Dec 18 11:40:59 CET 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '
[Sun Dec 18 11:40:59 CET 2022] _ret='0'
[Sun Dec 18 11:40:59 CET 2022] code='409'
[Sun Dec 18 11:41:00 CET 2022] Diagnosis versions:
openssl:openssl
OpenSSL 1.1.1f 31 Mar 2020
apache:
apache doesn't exist.
nginx:
nginx doesn't exist.
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
socat version 1.7.3.3 on Oct 26 2019 17:42:04
running on Linux version #1 SMP Wed Nov 23 01:01:46 UTC 2022, release 5.15.79.1-microsoft-standard-WSL2, machine x86_64
features:
#define WITH_STDIO 1
#define WITH_FDNUM 1
#define WITH_FILE 1
#define WITH_CREAT 1
#define WITH_GOPEN 1
#define WITH_TERMIOS 1
#define WITH_PIPE 1
#define WITH_UNIX 1
#define WITH_ABSTRACT_UNIXSOCKET 1
#define WITH_IP4 1
#define WITH_IP6 1
#define WITH_RAWIP 1
#define WITH_GENERICSOCKET 1
#define WITH_INTERFACE 1
#define WITH_TCP 1
#define WITH_UDP 1
#define WITH_SCTP 1
#define WITH_LISTEN 1
#define WITH_SOCKS4 1
#define WITH_SOCKS4A 1
#define WITH_PROXY 1
#define WITH_SYSTEM 1
#define WITH_EXEC 1
#undef WITH_READLINE
#define WITH_TUN 1
#define WITH_PTY 1
#define WITH_OPENSSL 1
#undef WITH_FIPS
#define WITH_LIBWRAP 1
#define WITH_SYCLS 1
#define WITH_FILAN 1
#define WITH_RETRY 1
#define WITH_MSGLEVEL 0 /*debug*/
acme.loens2.com is my local acme server. As you can see, the script fails with error "The order used in this request did not have the expected status 'Pending' but had 'Ready'.". Unfortunately I have to use acme.sh because it's the only one supported by OPNsense. On my other Servers with certbot, everything works as expected.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.