rmalchow
rmalchow
this would be a +1 from me. being forced to directly expose the demon seems off. but i think it would be even better to somehow be able to support...
if one would be thinking about supporting this, then this may need additional config for which proxy's headers we can trust, and expecting a proper client-auth handshake from everyone else?
yes. but, for example, you cannot selectively expose certain endpoints. in my current thinking, i would like to be able to issue tokens, but only allow certificate retrieval (with a...
this also ties in with [https://github.com/smallstep/certificates/discussions/668](https://github.com/smallstep/certificates/discussions/668). the path we were thinking is to issue tokens "internally" (i.e. on a known host). then, it should be possible to use this token...
please check this: https://github.com/acmesh-official/acme.sh/pull/4122
hi, i have created a new merge request: https://github.com/acmesh-official/acme.sh/pull/4124 i only tested it locally, not with github actions, but it is honestly relatively easy to see what i am doing...
+1 from me. i was going crazy over this - expecting some weird mistake on my side. i think its reasonable to expect a subtree query. if anyone is worried...
wouldnt call it a bug though ... just a quirk. allowing selecting "subtree" would deffo be an improvement. :)
@uberbrady i've been looking at your code - and although LDAP doesnt seem too esoteric to me anymore, PHP certainly is a weak point. i'd still be happy to help...
@uberbrady the "LDAP" way of doing this would be to set the scope for the user query - the scope being part of the normal configuration of any ldap query,...