challtestsrv icon indicating copy to clipboard operation
challtestsrv copied to clipboard
verified publisher icon letsencrypt

Support tls-alpn-01 for IP identifiers

Open aarongable opened this issue 7 months ago • 0 comments

The tls-alpn-01 responder currently hardcodes the supplied identifier as a dnsName SAN in the challenge certificate: https://github.com/letsencrypt/challtestsrv/blob/bcea93640e39bfad2dbe3465f08040b14aa0e9a9/tlsalpnone.go#L76

This doesn't work for IP identifiers, where it needs to be encoded as an ipAddress SAN.

aarongable avatar Jul 03 '25 00:07 aarongable