Supported challenges types


#1

Hi,
is there any way to pre validate domain ownership, or another challenge type other than http and dns, like sending an email (Digicert does this)

Thanks


#2

Hi @amitinait, thanks for the questions!

HTTP and DNS challenges are the only* methods supported by Let’s Encrypt. I’m not entirely sure I understand what you mean by pre-validating domain owernship but I suspect the answer is that there is no way to do it.

The e-mail validation method you mention is particularly fraught and was avoided by design while standardizing the ACME protocol that Let’s Encrypt uses for domain validation.

* - With the caveat that there is also a new TLS based challenge type available in the staging environment only.


#3

Hi @cpu

Thanks for reply,
pre-validating domain means, is there some static file which I put on the server and lets-encrypt can validate domain by checking existing of that file?
Currently it is what http challenge type is but the content of that file is dynamic and I can not know what is the content before initiating order for that domain.


#4

Hi @amitinait,

Prevalidation in the sense you describe isn’t available at all in Let’s Encrypt as a matter of design and policy. The validation is always supposed to be an interactive process for every certificate request.

We and our larger community have created a lot of software to try to help automate the validation process:


#5

Hi @schoen

Understood the workflow.

thanks


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.