Package: acmetool
Version: 0.0.62-3+b11
Severity: grave
Hello! I'm using Debian Buster 10.3 on servers with acmetool for
updating Let's encrypt certificates and I got following email from
letsencrypt:
According to our records, the software client you're using to get Let's
Encrypt TLS/SSL certificates issued or renewed at least one HTTPS
certificate
in the past two weeks using the ACMEv1 protocol. Here are the details of one
recent ACMEv1 request from each of your account(s):
...
User agent: acmetool acmeapi Go-http-client/1.1 linux/amd64
...
Beginning June 1, 2020, we will stop allowing new domains to validate using
the ACMEv1 protocol. You should upgrade to an ACMEv2 compatible client
before
then, or certificate issuance will fail. For most people, simply upgrading
to
the latest version of your existing client will suffice. You can view the
client list at: https://letsencrypt.org/docs/client-options/
It means that acmetool package which is in Debian Buster stops working
in June 1, 2020. So please update this package in Debian Buster
repository to a new version which supports ACMEv2 protocol.
Also I would suggest to put acmetool version number into User agent
string so it could be easier to identify exact version which is used.
I'm marking this issue with severity grave as it matches that
description "makes the package in question unusable", which really
happens in two months and few days.
--
Pali Rohár
pali.ro...@gmail.com
