[pbs-devel] [PATCH proxmox] acme: directory: make non-required url fields optional
Christian Ebner
c.ebner at proxmox.com
Mon Apr 28 10:49:00 CEST 2025
On 4/22/25 10:03, Thomas Lamprecht wrote:
> Am 18.04.25 um 12:38 schrieb Christian Ebner:
>> ACME servers provide the directory endpoint for clients to discover
>> the URLs for ACME operation. These fields are described in RFC 8555
>> [0], but section 7.1 of the corresponding RFC [1] states that the
>> server is only required to provide the `directory` and `newNonce`
>> resources.
>>
>> Therefore, make the not explicitly required fields optional to not
>> fail during deserialization of the json response and improve error
>> handling when the acme client actually requires the not-provided
>> operation url.
>>
>> This was discovered based on issues reported in the community forum.
>
> What about the perl implementation in PVE/PMG, or is that not affected
> of this issue?
The Perl implementation is not affected, as [0] already handles URLs as
optional and only fails if an URL for a requested operation does not
exist. This has also been confirmed by the users in the forum,
mentioning that the same acme provider works without issues on Proxmox
VE [1].
[0]
https://git.proxmox.com/?p=proxmox-acme.git;a=blob;f=src/PVE/ACME.pm;h=65094c20d1707f99e2e47e8576885db89f44aee4;hb=HEAD#l286
[1] https://forum.proxmox.com/threads/159987/post-735018
More information about the pbs-devel
mailing list