Actalis has deployed into production this morning a new version of its ACME server that addresses the following issues mentioned in #605:
- The directory endpoint advertises a keyChange endpoint, but when you try to do an account key rollover, you get an ACME error with the text, "key rollover failed".
- Account objects advertise the orders field, but when queried with a POST-as-GET, just the account object is returned.
- Attempting to create an order with an IP address identifier results in an ACME error with the text, "Blocking CAA record(s) found on one or more of the specified domains".
- Authorization objects don't seem to be cached like other CAs (which is fine). It just means you have to re-authorize every time. And attempting to explicity deactivate an authorization doesn't throw an error, but also doesn't seem to change the status of the authorization object you supposedly deactivated.
- Cert revocation only seems to work when signing the request with the account key that generated the cert. Signing the request with the cert key throws an error, urn:ietf:params:acme:error:accountDoesNotExist
So, @rmbolger, I would like to ask you to also carry out a further test (when you feel like) and then, if everything is well, to modify (or remove) the Actalis-related notes at the bottom of page https://poshac.me/docs/latest/Guides/ACME-CA-Comparison/ accordingly (alternatively, could we do a PR for this purpose?).
Actalis has deployed into production this morning a new version of its ACME server that addresses the following issues mentioned in #605:
So, @rmbolger, I would like to ask you to also carry out a further test (when you feel like) and then, if everything is well, to modify (or remove) the Actalis-related notes at the bottom of page https://poshac.me/docs/latest/Guides/ACME-CA-Comparison/ accordingly (alternatively, could we do a PR for this purpose?).