logo
Apache Lounge
Webmasters

 


About

Forum Index Downloads Search Register Log in  RSS Apache Lounge
 



Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Apache Lounge is not sponsored.

Your donations will help to keep this site alive and well, and continuing building binaries.



mod_md :: Let's Encrypt support for Apache httpd

 
Post new topic   Reply to topic    Apache Forum Index -> Apache third-party Modules



View previous topic :: View next topic  
Author Message
PipoDeClown



Joined: 20 Dec 2005
Posts: 75

PostPosted: Mon 31 Jul '17 22:30    Post subject: Let's Encrypt (ACME) support for Apache httpd Reply with quote

https://github.com/icing/mod_md

would be cool if this works.
Back to top
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 2574
Location: Hilversum, NL, EU

PostPosted: Mon 31 Jul '17 23:04    Post subject: Reply with quote

Yes, testing now. There are some issues with windows. Make it available for testing as soon as I get it working.
Back to top
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 2574
Location: Hilversum, NL, EU

PostPosted: Wed 02 Aug '17 14:04    Post subject: Reply with quote

You can follow the test progress from me at https://github.com/icing/mod_md/issues

Edit 15 August 2017:
Looks fine now here. Made available, see https://www.apachelounge.com/viewtopic.php?t=7712
Back to top
PipoDeClown



Joined: 20 Dec 2005
Posts: 75

PostPosted: Thu 24 Aug '17 15:31    Post subject: mod_md Reply with quote

Well after ironing out some config issues it works nicely.
Just don't make typo's. The error messages are not always that clear, even at trace loglevel.

For some reason it generated 4K keys, would be nice to have any control over that. Also would like to create ECC 256bits/ECDSA_P256 keys.

Needed an extra restart when a new cert/domain was added. Also migrating from staging to prod was not working properly but may have because there were some typo's in my config.
Back to top
icing



Joined: 22 Sep 2015
Posts: 38
Location: M√ľnster, Germany

PostPosted: Fri 01 Sep '17 11:04    Post subject: Reply with quote

In the latest release (v0.8.0), the log messages have been cleaned up. Please report issues or propose improvements at the github repro!

The next release (>0.8.0) will default to 2048 RSA keys and you can configure the bit count.

I am not very intimate with ECDSA keys. AFAIK you need to additionally chose an elliptic curve and I have no expertise how to do that safely. Got any links?
Back to top
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 2574
Location: Hilversum, NL, EU

PostPosted: Sat 02 Sep '17 11:53    Post subject: Reply with quote

@PipoDeClown Version 0.8.1 defaults now to RSA 2048 instead of 4096.
Back to top


Post new topic   Reply to topic    Apache Forum Index -> Apache third-party Modules
Page 1 of 1