On Mon, Mar 23, 2026 at 06:48:45PM +0000, Mia Kanashi wrote: > Subject: Re: [PATCH] MEDIUM: acme: implement dns-persist-01 challenge > On February 26, 2026 8:16:43 PM UTC, William Lallemand <[email protected]> > wrote: > >On Thu, Feb 26, 2026 at 12:19:41AM +0200, Mia Kanashi wrote: > >> Subject: Re: [PATCH] MEDIUM: acme: implement dns-persist-01 challenge > >> Oh wait, damn, sorry, it seems I made a mistake during rebasing > >> > >> There should be a line > >> mjson_get_bool(hc->res.buf.area, hc->res.buf.data, "$.wildcard", > >> &wildcard); > >> > >> Before the following line > >> auth->dns = istdup(ist2(t2->area, t2->data)); > >> > >> Similar to how it is in my feature branch > >> > > > >Thank you, I'll make some test next week! > > > > This challenge was just merged into boulder. > They will probably begin staging rollout soon enough I assume. > I will dogfood it by using on my personal sites when that happens. > > Also some of my previous concerns with regards to printing extra logs > probably wont be valid in the future, they plan to change the spec slightly > to allow specifying domain where the record is located during the order. > Probably extra load option will need to be introduced later. Plus they want > to add randomized account URI per order. I will try to keep up with those > changes in next iterations of the draft spec, keeping the pace with pebble.
Hi Mia, I just merged your patch and added the support of dns-persist-01 in "challenge-ready dns" so HAProxy will validate that the challenge is right before asking for the renewal of the challenge. I made a few tests with pebble and that seems to behave correctly, so this will land in HAProxy 3.4. Regards, -- William Lallemand
