The staging endpoint for the ACME v2 API is now available. Naturally since this is meant for testing there are bugs already being uncovered. Thanks to everyone who is participating!
This thread is meant to capture the known bugs and link to corresponding Boulder/Pebble issues as appropriate. Please consult this thread or search for existing issues in the Boulder repository before reporting a new bug.
Known Issues:
- “Orders” field of account object is not implemented yet (Boulder issue #3335), reported by @wulf4096 and @quabla
Resolved Issues:
-
“Challenges” have “error” field not “errors”. (Boulder issue #3339, blocked on spec work), reported by @eggsampler- Fixed in specification -
Incorrect response for newAccount requests matching existing account key. (Boulder issue #3327), reported byFixed as of 2018-01-09 18:48:00 UTCoittaa
& @serverco -
Order expiry date is set incorrectly. (staging config issue), reported by @Wulf4096Fixed as of 2018-01-05 18:10:00 UTC -
TLS-SNI-01 is offered as a challenge type instead of TLS-SNI-02. (Blocked on Boulder issue #3297)- TLS-SNI-* is now deprecated. -
Full PEM certificate chain is not returned by certificate endpoint. (Boulder issue #3291, Boulder PR #3366),Fixed as of 2018-01-24 18:20:00 UTC -
V1 authorizations are reused for V2 orders where possible. (Boulder issue #3328)Fixed as of 2018-02-13 -
Certificate revocation requests signed by the issuing ACME account require valid, unexpired authorizations for the certificate domain names when this should not be required. (Boulder issue #3331), reported by @Wulf4096Fixed -
Authz deactivation/failure can leave order in stuck state. (Boulder issue #3333), reported by @fszlinFixed -
KeyRollover always fails with error about newkey being in use (Boulder issue 3340, Boulder PR 3373), reported by @eggsampler, Fixed -
Expired order authorizations produce 500 serverInternal errors. (Boulder issue #3499, Fixed