"How it works" says domain validation using HTTPS


I just noticed that the Domain Validation chapter on https://letsencrypt.org/how-it-works/ keeps talking about https://example.com, when the correct would be to use http://example.com (not HTTPS).

Is the use of https instead of http in this chapter intentional?

I can see that you are talking about the site “https://example.com” in a more broader term, but in my opinion the first figure (https://letsencrypt.org/images/howitworks_challenge.png) is totally wrong, as long as the challenge must be served by HTTP (as specified in the ACME draft).



In my opinion, you’re right.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.