https://acme-v02.api.letsencrypt.org/acme/acct/2689478811
DoH and DoT testing
Thanks
Test shortlived live certificates for:
1 Like
https://acme-v02.api.letsencrypt.org/acme/acct/2845053336
Hi, I want to use a shortlived certificate to test Caddy automation.
Thanks
1 Like
(post deleted by author)
Hello, I would like access to the shortlived certificate profile in order to test my ACME automation, and run a DNS-over-HTTPS server, which would benefit from an IP address certificate.
My ACME account URI is https://acme-v02.api.letsencrypt.org/acme/acct/2564468501
Thank you.
Hi would like to access to the short-lived certificate profile to test automation and integration with nginx, postfix, cloudflare, and stalwart. Relevant URLs:
https://acme-v02.api.letsencrypt.org/acme/acct/2101502347 (nginx)
https://acme-v02.api.letsencrypt.org/acme/acct/2334803417 (stalwart)
https://acme-v02.api.letsencrypt.org/acme/acct/2656653351 (postfix)
Hi! I would like to use the IP certificate for DNS over TLS (Unbound). I've successfully tested the shortlived profile in staging and verified issuance and renewal automation with lego. My ACME account URI is https://acme-v02.api.letsencrypt.org/acme/acct/2846228356 Thank you in advance.
2 Likes
Hello,
I'll add the above accounts to the allowlist tomorrow.
We won't be taking any more requests going forward, as we will launch to all shortly.
Thanks!
14 Likes
Many thanks for enabling the shortlived profile. My test server is ordering a few certificates, slowly.
https://217.146.102.142/demo.html
https://[2a00:1940:2:2::142]/demo.html
Angus
my account doesn't work.
Error creating new order. Le_OrderFinalize not found. {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "Error creating new order :: account ID 2281139796 is not permitted to use certificate profile "shortlived"",
"status": 403
}
posted 5 days ago
1 Like
Same for me. It might be taking a while for the whitelist to propagate.
I haven't deployed the change yet. I'll let you know here when it goes out.
5 Likes
The above accounts have been added to the allow list.
As said above, We won't be taking any more requests going forward, as we will launch to all shortly.
Any feedback (whether that's bugs, or confirmations things are working properly) is welcome. You can post here, in other threads if you need help, or as always you can file Github bugs if you have a bug.
6 Likes
Thank you Matthew. That's working an absolute treat. BIND serves it, and dig and Firefox both accept it. Firefox will just be looking at the hostname, I've tried dig with DoT and DoH with the hostname, an IPv4 address and an IPv6 address. All looking good.
Cracking stuff! Now to think of other uses.
If anybody's interested, I'm using lego for this certificate. I've used acmebot since early 2017, and that uses josepy for any private key operations with the account key. After a bit of fiddling I was able to get the josepy-format key data converted into the plain OpenSSL format that lego can use. Yes, I could have spun up a new account but I did it more for the exercise than anything else!
Thanks again 
3 Likes
Thank you. I've had no issues issuing the new certificate profile (using Certbot), and have replaced all my classic certs with shortlived. I've had no issue with any of my software accepting these certs, and my monitoring isn't showing any traffic decreases.
3 Likes
All fine with acme.sh here. I'll monitor the upcoming renewals with anacron and see how it behaves with TLSA records. Everything's perfect for the first issue.
Thank you!
1 Like
Thanks to the immediacy of the HTTP-01 challenge, certificate issuance was very fast. Browser compatibility is identical to other Let's Encrypt certificates.
Thank you!
1 Like
Thanks !
Everything is working perfectly with Caddy Automation; Shortlived certificate was issued successful.
1 Like
see.
they don't accept any new accounts, as the feature will launch soon for all
2 Likes
I've successfully deployed the Unbound with IP certificate. When I was testing the deployment via dog GitHub - ogham/dog: A command-line DNS client. and kdig Files · 3.5 · Knot projects / Knot DNS · GitLab they both failed with certificate-related issues, but with dnslookup GitHub - ameshkov/dnslookup: Simple command line utility to make DNS lookups to the specified server everything worked.
1 Like