Hi,these problem is not new. I raised the roblem with letsencrypt over an month ago.
Better Would be: Client Send clientnone,ECDSA-SHA256(servernonce,clientnonce)
The cert for <fqdn>.challenge.amce contain the public key. So the client had proved he control the server _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
