Stable Pebble releases & Docker images


#1

Hi folks,

Let’s Encrypt provides a small ACME server built to be used in integration tests and client development called Pebble (because its the small version of Boulder).

Recently based on community feedback we’ve switched Pebble to using semantic versioning and providing pre-built Docker images. Thanks to contributions from @eldez Docker images are automatically published by CI when a new release is tagged. Our hope is that this will make it even easier for ACME client developers to integrate Pebble into their testing and development workflows.

I’m happy to share Pebble version 2.0.1, and a summary of some recent Pebble updates for folks that haven’t been keeping a close eye on the project:

  • Windows support! - Thanks to @adferrand and the Certbot team Pebble Docker images for Windows are available in addition to the images for Linux. I’m excited to see other Windows ACME clients adopt Pebble with these new images :slight_smile:
  • Improved RFC 8555 compatibility - We’ve updated Pebble to use new error codes and statuses from the latest ACME draft specification (soon to be RFC 8555). Previously deprecated ACME behaviour that was supported when not running Pebble with -strict has been removed. If your ACME client works with Pebble 2.0.x it should work with other RFC 8555 compatible CAs.
  • Mock DNS and ACME challenge response server - Pebble now includes a stand-alone pebble-challtestsrv program that can be used as a mock DNS server and to generate and serve ACME challenge responses for HTTP-01, DNS-01, and TLS-ALPN-01 challenges. This should make it even easier for client developers to write great end-to-end issuance tests. Docker images for this tool are also available.

Thanks everyone!