Comments (2)
@marsangr That sounds good 👍. The URL scheme should be populated from the request protocol.
from pebble.
Hi @marsangr,
Revisiting this issue I realize what I thought would be an acceptable fix (populating the expectedURL.Scheme
based on the request.Proto
or request.TLS
state) won't work for the scenario you describe where TLS is terminated by another daemon and Pebble remains running on HTTP.
I'd suggest just allowing for both schemes in the url parameter of the JWS header
I think this sort of flexibility is the wrong approach - we don't want requests authenticated by a client expecting it was talking to an HTTPS service to be replayable against the same endpoint on HTTP.
I think a better approach is to drop HTTP support and make Pebble operate on HTTPS by default. I've opened an issue (#63) for a simple implementation using MiniCA. I'm going to close this issue in favour of 63. Thanks!
from pebble.
Related Issues (20)
- pebble-challtestsrv: allow defaultIPv4 to be a hostname HOT 1
- Golang, apk and zlib versions are outdated HOT 2
- Allow to force auth challenge HOT 1
- Implement the "dns-account-01" Challenge in Pebble HOT 9
- Full http logging HOT 1
- fix appveyor CI
- Support must-staple extension HOT 1
- Fix `golangci-lint` HOT 3
- Regression time limit exceeded / TimeoutError HOT 5
- Request for a new release HOT 6
- v2.5.0 docker push failed HOT 9
- ci: AppVeyor is broken HOT 1
- Remove DockerHub images of pebble and pebble-challtestsrv HOT 4
- Cannot set DNS server in Docker image HOT 10
- Docker: Use hostname instead of IP addresses HOT 7
- New Certificates aren't getting Ready HOT 2
- EAB with pebble 2.5.x HOT 12
- Pebble fails to start with externalAccountBinding test config
- The request specified an account that does not exist, [certbot and pebble] HOT 2
- The key authorization file from the server did not match this challenge HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pebble.