请问 http01 challenge可以验证txt文件吗
Can you explain more what you want help with? The link below describes the challenges. I was not sure what language you used so click the language link on that page to change it.
2 Likes
HTTP-01 这种方式的Challenge 可以验证带后缀的文件吗? 比如 http://domain/.well-known/acme-challenge/token.txt
The filename in the URL is given in the specification, and doesn't have a .txt at the end.
But you could configure your web server to serve the resource at the URL in any way, including by looking for file somewhere on a filesystem that has a .txt in it. Often there isn't much relationship anymore between files in a folder and the URLs that correspond to them.
4 Likes
No suffixes are allowed for Let's Encrypt.
Other free CAs might offer other challenges. If I recall correctly, ZeroSSL uses challenges with suffix, but perhaps only for their manual certificate issuance, which is limited to 3 free certs per account.
1 Like
Interestingly (to me at least), the Content-Type of the challenge response isn't explicitly specified (I don't think), but the example in RFC 8555 section 8.3 shows it using application/octet-stream rather than something like text/plain or some ACME-specific new type. But I don't think any CA would actually care about that header as long as the token in the response body is correct.
3 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.