Alternative to Pre-authorization


I am relatively new to Let’s Encrypt. If my question has been asked and answered, please point me to the right direction. Thank you in advance.

In the “Specification Divergences” section of this post (ACME v2 Production Environment & Wildcards)

It says
“Pre-authorization. This is an optional feature and we have no plans to implement it. V2 clients should use order based issuance without pre-authorization…”

First question, can anyone help me understand what is “order based issuance without pre-authorization”.

Second question, certbot, when configured to use acme v2 URL, seems to be calling v1’s new-authz endpoint. Is there a reason why?

Thank you.


Creating a new order (by passing a list of DNS identifiers) and then responding to the authorizations list in the created order object.

Can you show a /var/log/letsencrypt/ that demonstrates that behavior?


@_az . thank you for replaying.

I can’t seem to reproduce the same results seeing cerbot calling acme-v01 endpoint. I must have messed up the log file.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.