Re: [jetty-users] TLS ALPN ACME Lets Encrypt challenge
Hi,

On Wed, Nov 30, 2022 at 9:18 AM Info <info@xxxxxxxxxx> wrote:
>
> Hi,
>
> I am swimming in all directions as well. I get the ALPN TLS extension
> for switching the protocol and it is working. So, do I need to create a
> connection factory and connection for the ACME protocol similar to HTTP2?

I don't think so.
If I read https://www.rfc-editor.org/rfc/rfc8737 correctly, your server must reply with a proper certificate with the "acmeIdentifier" to a connection with the ALPN protocol of "acme-tls/1".
Once the TLS handshake is successful, the connection can be closed, no data is exchanged, hence no ConnectionFactory to implement.

> And where do I manage to create an ACME session for communicating with
> the certificate provider Let's Encrypt, within a Jetty handler using the
> above connection? Or more down the chain in a servlet or the like?

This is the job of an ACME client, whatever you choose, not your job.

--
Simone Bordet
----
http://cometd.org
http://webtide.com
Developer advice, training, services and support
from the Jetty & CometD experts.
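As an added illustration (not part of the thread and not Jetty code), the sketch below builds the critical "acmeIdentifier" extension (OID 1.3.6.1.5.5.7.1.31) that RFC 8737 requires in the certificate served for "acme-tls/1", and checks one the way a validator would. The function names and the sample key authorization are assumptions made up for this example; the real key authorization comes from the ACME client.

```python
import hashlib
import hmac

# DER encoding of id-pe-acmeIdentifier, 1.3.6.1.5.5.7.1.31 (RFC 8737)
ACME_IDENTIFIER_OID = bytes.fromhex("06082b0601050507011f")

# Constructed sample value; a real one is supplied by the ACME client.
SAMPLE_KEY_AUTH = "constructed-token.constructed-account-thumbprint"


def _tlv(tag: int, body: bytes) -> bytes:
    """DER tag-length-value, short-form length only (all bodies here < 128 bytes)."""
    if len(body) > 127:
        raise ValueError("long-form DER length not needed for this extension")
    return bytes([tag, len(body)]) + body


def acme_identifier_extension(key_authorization: str) -> bytes:
    """Return the DER Extension the challenge certificate must carry."""
    digest = hashlib.sha256(key_authorization.encode("ascii")).digest()
    authorization = _tlv(0x04, digest)        # OCTET STRING (SIZE (32))
    return _tlv(0x30,                         # Extension ::= SEQUENCE
                ACME_IDENTIFIER_OID           #   extnID
                + _tlv(0x01, b"\xff")         #   critical = TRUE
                + _tlv(0x04, authorization))  #   extnValue wraps the digest


def check_acme_identifier(extension: bytes, key_authorization: str) -> bool:
    """Validator-side check: expected OID, critical flag set, digest matches."""
    expected = hashlib.sha256(key_authorization.encode("ascii")).digest()
    if len(extension) != 51:
        return False
    if not extension.startswith(b"\x30\x31" + ACME_IDENTIFIER_OID):
        return False
    if extension[12:15] != b"\x01\x01\xff":   # extension must be marked critical
        return False
    if extension[15:19] != b"\x04\x22\x04\x20":
        return False
    return hmac.compare_digest(extension[19:], expected)


if __name__ == "__main__":
    ext = acme_identifier_extension(SAMPLE_KEY_AUTH)
    print(ext.hex(), check_acme_identifier(ext, SAMPLE_KEY_AUTH))
```

The challenge certificate also needs a subjectAlternativeName for the domain being validated, and should only be selected when the client's ALPN offer is "acme-tls/1".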