Tls-sni-01 or tls-sni-02 to support now?


#1

I just found the in the spec is tls-sni-02 .

But the Letsencrypt server responses tls-sni-01 to me?

Does it mean that LetsEncrypt will soon update to support tls-sni-02 ?

What is the timeline ?

And where to find the tls-sni-01 spec ?

Thanks.


#2

Boulder currently implements the acme-01 draft, which only has TLS-SNI-01.

I think the plan is to keep https://acme-v01.api.letsencrypt.org/directory on acme-01 to preserve backwards compatibility, and run future versions of acme on something like https://acme-v02.api.letsencrypt.org/directory once the changes are implemented.


#3

Thanks for your answer.
Got it.


#4

@Neilpang, congratulations on News! acme.sh now supports tls-sni-01 validation!!


#5

Hi, @schoen
Thanks.

:slight_smile:


#6

A post was split to a new topic: Concerns about tls-sni-01


#7

Hi @pfg

Any updates on this?

Are there any advantages of TLS-SNI-02 over TLS-SIN-01

Andrei