[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #32964 [Circumvention/Snowflake]: Redeploy Snowflake bridge with ACMEv2 by 2020-06-01
#32964: Redeploy Snowflake bridge with ACMEv2 by 2020-06-01
-----------------------------------------+--------------------
Reporter: dcf | Owner: (none)
Type: task | Status: new
Priority: Medium | Milestone:
Component: Circumvention/Snowflake | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
-----------------------------------------+--------------------
I got this email today. 2a00:c6c0:0:151:4:8f94:69f5:7c01 is
snowflake.bamsoftware.com.
Most likely, resolving this is just a matter of `go get -u` to pull an
updated [https://godoc.org/golang.org/x/crypto/acme/autocert
golang.org/x/crypto/acme/autocert]
> According to our records, the software client you're using to get Let's
Encrypt TLS/SSL certificates issued or renewed at least one HTTPS
certificate in the past two weeks using the ACMEv1 protocol. Your client's
IP address was:
>
> 2a00:c6c0:0:151:4:8f94:69f5:7c01
>
> Beginning June 1, 2020, we will stop allowing new domains to validate
using the ACMEv1 protocol. You should upgrade to an ACMEv2 compatible
client before then, or certificate issuance will fail. For most people,
simply upgrading to the latest version of your existing client will
suffice. You can view the client list at: https://letsencrypt.org/docs
/client-options/
>
> If you're unsure how your certificate is managed, get in touch with the
person who installed the certificate for you. If you don't know who to
contact, please view the help section in our community forum at
https://community.letsencrypt.org/c/help and use the search bar to check
if there's an existing solution for your question. If there isn't, please
create a new topic and fill out the help template.
>
> ACMEv1 API deprecation details can be found in our community forum:
https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1
>
> As a reminder: In the future, Let's Encrypt will be performing multiple
domain validation requests for each domain name when you issue a
certificate. While you're working on migrating to ACMEv2, please check
that your system configuration will not block validation requests made by
new Let's Encrypt IP addresses, or block multiple matching requests. Per
our FAQ (https://letsencrypt.org/docs/faq/), we don't publish a list of IP
addresses we use to validate, and this list may change at any time.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32964>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs