From ec063d851585edeed9fa6efaf4b7517fb9e04c04 Mon Sep 17 00:00:00 2001 From: Daniel Ziegenberg Date: Sun, 8 Jun 2025 20:58:08 +0200 Subject: [PATCH] Add HARICA to the list of tested CAs (#915) * Add HARICA to the list of tested CAs Signed-off-by: Daniel Ziegenberg * Add ZeroSSL to list. --------- Signed-off-by: Daniel Ziegenberg Co-authored-by: Felix Fontein --- plugins/doc_fragments/_acme.py | 3 ++- plugins/modules/acme_account.py | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/plugins/doc_fragments/_acme.py b/plugins/doc_fragments/_acme.py index 73e2714e..042f0045 100644 --- a/plugins/doc_fragments/_acme.py +++ b/plugins/doc_fragments/_acme.py @@ -16,7 +16,7 @@ notes: the module can in principle be used with any CA providing an ACME endpoint, such as L(Buypass Go SSL,https://www.buypass.com/ssl/products/acme). - So far, the ACME modules have only been tested by the developers against Let's Encrypt (staging and production), Buypass (staging and production), ZeroSSL (production), and L(Pebble testing server,https://github.com/letsencrypt/Pebble). We - have got community feedback that they also work with Sectigo ACME Service for InCommon. If you experience problems with + have got community feedback that they also work with Sectigo ACME Service for InCommon and with HARICA. If you experience problems with another ACME server, please L(create an issue,https://github.com/ansible-collections/community.crypto/issues/new/choose) to help us supporting it. Feedback that an ACME server not mentioned does work is also appreciated. requirements: @@ -43,6 +43,7 @@ options: - For B(Buypass), the production directory URL for ACME v2 and v1 is U(https://api.buypass.com/acme/directory). - For B(ZeroSSL), the production directory URL for ACME v2 is U(https://acme.zerossl.com/v2/DV90). - For B(Sectigo), the production directory URL for ACME v2 is U(https://acme-qa.secure.trust-provider.com/v2/DV). + - For B(HARICA), the production directory URL for ACME v2 is U(https://acme.harica.gr/XXX/directory) with XXX being specific to your account. - The notes for this module contain a list of ACME services this module has been tested against. required: true type: str diff --git a/plugins/modules/acme_account.py b/plugins/modules/acme_account.py index 8f8d650d..b4716f91 100644 --- a/plugins/modules/acme_account.py +++ b/plugins/modules/acme_account.py @@ -100,8 +100,8 @@ options: external_account_binding: description: - Allows to provide external account binding data during account creation. - - This is used by CAs like Sectigo to bind a new ACME account to an existing CA-specific account, to be able to properly - identify a customer. + - This is used by CAs like Sectigo, HARICA, or ZeroSSL to bind a new ACME account to an existing CA-specific account, + to be able to properly identify a customer. - Only used when creating a new account. Can not be specified for ACME v1. type: dict suboptions: