dehydrated shouldn't send keyAuthorization in ACMEv2 challenge response #430

New Issue

2025-12-29T01:25:02+01:00

adam commented

2025-12-29 01:25:02 +01:00

Originally created by @alexzorin on GitHub (Sep 10, 2019).

https://github.com/lukas2511/dehydrated/blob/018254974cb6cbf93ba9249b06b2d923e37a9e88/dehydrated#L812

Should just be {} per https://tools.ietf.org/html/rfc8555#section-7.5.1:

The client indicates to the server that it is ready for the challenge
validation by sending an empty JSON body ("{}") carried in a POST
request to the challenge URL (not the authorization URL).

This field causes dehydrated to produce an error against Pebble, even when not in strict mode.

Originally created by @alexzorin on GitHub (Sep 10, 2019). https://github.com/lukas2511/dehydrated/blob/018254974cb6cbf93ba9249b06b2d923e37a9e88/dehydrated#L812 Should just be `{}` per https://tools.ietf.org/html/rfc8555#section-7.5.1: > The client indicates to the server that it is ready for the challenge validation by sending an empty JSON body ("{}") carried in a POST request to the challenge URL (not the authorization URL). This field causes dehydrated to produce an error against Pebble, even when not in strict mode.

adam added the bug label 2025-12-29 01:25:02 +01:00

adam closed this issue

2025-12-29 01:25:02 +01:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/dehydrated#430