Is it necessary that get replay-nonce value first and then attach it on EVERY Request ?
2 Likes
Every response you get will come with another nonce, which you can use for the next request.
So the only time you really need to fetch a new nonce explicitly is at the very start, or in case you get a badNonce error.
3 Likes
Oh, yeah, Great ~~~~
2 Likes
Doesn't the request for the directory listing contain a HTTP header with a nonce already, to be used in future JWS requests?
2 Likes
That is an idiosyncrasy of Boulder, I think. ACME doesn't specify it.
In practice, you won't get one from e.g. https://acme.zerossl.com/v2/DV90.
2 Likes
Well, I guess bootstrapping through newNonce isn't that hard 
2 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.