Skip to content

No new certificate fetched when changing from LE staging to production #341

Open
@mkauf

Description

@mkauf

When the MDCertificateAuthority setting of a managed domain is changed from Let's Encrypt staging (https://acme-staging-v02.api.letsencrypt.org/directory) to Let's Encrypt production (https://acme-v02.api.letsencrypt.org/directory), mod_md does not fetch a new certificate.

mod_md continues to use the certificate from LE's staging environment. The problem is that browsers don't trust this certificate, they only trust certificates from LE's production environment.

I think mod_md should discard existing certificates for a managed domain if MDCertificateAuthority has changed.

Metadata

Metadata

Assignees

No one assigned

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions