List of verified domains


#1

Is there any way to get a list of domains that are verified for an account?


#2

Unfortunately there is at the moment no possibility to get a list via the Let’s Encrypt tool.

Alternatively you can go to /etc/letsencrypt/live
There is for each domain you issued a certificate a folder except
you add multiple domains to one cert.


#3

Thanks for the answer. I know that I can get a list of the issued certs and their domain names from /etc/letsencrypt. I think it is not possible with the LE tool as the ACME protocol does not specify such possibility. I had hoped somehow I can get the list of “public suffix domains” that are verified for my account because that I can not get from /etc/letsencrypt/.


#4

I’m not sure if this helps - I created a ( Bash script to check SSL of multiple domains ) which checks all the domains on a server and determines if they have certificates, of the correct name etc and gives their renewal date …


#5

There’s a way defined in ACME, but Boulder doesn’t support that currently.
https://github.com/ietf-wg-acme/acme/blob/master/draft-ietf-acme-acme.md#registration-objects

@jsha Do we already have an issue for that? Is support planned?


#6

authorizations (optional, string): A URI from which a list of authorizations granted to this account can be
fetched via a GET request.

That was exactly what I was searching for and what I missed while looking at the ACME spec. Thanks for the hint. It would be really nice and helpful to have support for that in Boulder.


#7

Just sent a mail to ask why they’re optional.


#8

Yep, we do plan to support the authorizations field, and see how it’s valuable. Can’t guarantee a timeline, but it’s definitely on my mind.