Yes, the ACME client is self-written.
The expires-field in the authorization object is (per RFC) added after at least one challenge has been completed successfully. When doing a POST to a challenge uri, there are two possible responses from the CA:
- 202 Accepted (status: pending)
- 202 Accepted (status: valid)
In the first case, I have to check the authorization object at a later time. It can then be invalid or valid. If it is valid, then I can retrieve the expires-field and store the date locally.
In the second case, the challenge has already been classified as valid, so the authorization object is valid, too. In this case, I have to check the authorization object anyway just to extract the expires-field.
It would be nice to include the expiration date right into the response to the POST request to the challenge-uri iff the response is 202 Accepted with status valid.
with kind regards