This thread seems to indicate Let's Encrypt and certbot will support RFC 8738 at some point. dehydrated.io and acme.sh do not support it yet. I have been able to verify that uacme, ACME4J and an Ansible plugin support it now, but are there any CAs (other than pebble) that currently implement this standard? I was unable to test ZeroSSL since there is no client with support for both RFC 8738 and External Account Binding (EAB). Buypass is another CA offering free certs over ACME but I got the following response while testing with uacme:
uacme: creating new order at https://api.buypass.com/acme-v02/new-order
uacme: failed to create new order at https://api.buypass.com/acme-v02/new-order
uacme: the server reported the following error:
{
"type": "urn:ietf:params:acme:error:unsupportedIdentifier",
"detail": "Identifier type not supported: ip",
"code": 403,
"message": "UNSUPPORTED_IDENTIFIER",
"details": "HTTP 403 Forbidden"
}
Has anyone found any other compatible clients or CAs out there?