Which challenge?


#1

This test site: https://tls18.flynexity.com/
I do not have access to this site … I can see it through my browser …
How can I find out which “challenge” it uses? (http-01 or tls-sni-01)?


#2

You can’t as long as you don’t have access to the issuance process.


#3

… ok bytecamp… thanks!..


#4

Although @bytecamp’s answer is correct in principle, we can rule out the possibility of TLS-SNI-01 in this case because the first certificate for that name was issued on January 22, and TLS-SNI-01 had already been disabled for new certificates before then.

https://crt.sh/?Identity=%tls18.flynexity.com&iCAID=16418

So, it would have to have been one of the other methods, either HTTP-01 or DNS-01.

It’s true that information about the challenges that were used to obtain a particular certificate isn’t published by Let’s Encrypt, although I believe Let’s Encrypt policies allow information like this to be published for security research purposes in the future if it’s decided that this would be beneficial.


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.