Re: [jetty-users] TLS ALPN ACME Lets Encrypt challenge
Hi,

I'm eagerly following this thread because I'd like to do this Here[TM] as well to get around the limitations that come with the use of http-01.

On 30.11.2022 at 19:15, Simone Bordet wrote:
> On Wed, Nov 30, 2022 at 9:18 AM Info <info@xxxxxxxxxx> wrote:
>> And where do I manage to create an ACME session for communicating with the certificate provider Let's Encrypt, within a Jetty handler using the above connection? Or more down the chain in a servlet or the like?
>
> This is the job of an ACME client, whatever you choose, not your job.

The client in question is acme4j, and the part between the ACME server and that client, up to the point where the necessary data is available for the creation of the certificate, is done there. But then you need to make sure that said certificate is used by the corresponding ALPN processor, which is where Maurice's question was pointed (I suppose, because that's my question at this point after reading the thread).

Your answer "nothing needs to be done" doesn't sound right. There must be some way to provide that self-signed certificate at a time after startup of the server (and make it unavailable after successful authentication at the CA), so at some point you need to get your hand on an existing processor to "set" the certificate to be used, or create your own implementation of such a processor in order to be able to do the same.

@Maurice If you get it running, I'd be happy if you could try to put the necessary steps into a short final description and put it on this list. I'm sure I'm not the only one who would find this helpful for their own ACME integration.

Thanks and cheers, Lothar

https://shredzone.org/maven/acme4j/challenge/tls-alpn-01.html