From e8c9e98868fbc99f3c3755011719b83391b970ca Mon Sep 17 00:00:00 2001 From: Jeremy Ho Date: Wed, 1 Nov 2023 10:33:42 -0700 Subject: [PATCH] Update current ACME protocol readme status notifications Signed-off-by: Jeremy Ho --- README.md | 4 +++- docker/README.md | 26 ++++++++++++++------------ 2 files changed, 17 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index a640b5f..0603c94 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,9 @@ Automatically update TLS Certificates on OpenShift Routes -**Update: As of August 2023, Entrust (the only approved certificate provider for BC Gov production environments) has discontinued support for Certbot. Currently, Certbot cannot be used to manage your Entrust certificates.** +_Update (August 2023) - Entrust Certificate Services has discontinued ACMEv1 protocol. Current users of BCDevOps Certbot will be unable to renew their certificates at this time if they are using OCIO Identity Management Services' Entrust Certificate Services._ + +_Update (November 2023) - At this time, the underlying EFF Certbot project and Entrust Certificate Services both support the newer ACMEv2 protocol. However, BCDevOps Certbot currently only supports the older, deprecated, ACMEv1 protocol, and OCIO IMS has not enabled ACMEv2 protocol support at this time. Please consider contacting OCIO Identity Management Services to express your need for ACMEv2 and Certbot support._ To learn more about the **Common Services** available visit the [Common Services Showcase](https://bcgov.github.io/common-service-showcase/) page. diff --git a/docker/README.md b/docker/README.md index c7a706a..bc43c58 100644 --- a/docker/README.md +++ b/docker/README.md @@ -6,23 +6,25 @@ Automatically update TLS Certificates on OpenShift Routes -**Update: As of August 2023, Entrust (the only approved certificate provider for BC Gov production environments) has discontinued support for Certbot. Currently, Certbot cannot be used to manage your Entrust certificates.** +_Update (August 2023) - Entrust Certificate Services has discontinued ACMEv1 protocol. Current users of BCDevOps Certbot will be unable to renew their certificates at this time if they are using OCIO Identity Management Services' Entrust Certificate Services._ + +_Update (November 2023) - At this time, the underlying EFF Certbot project and Entrust Certificate Services both support the newer ACMEv2 protocol. However, BCDevOps Certbot currently only supports the older, deprecated, ACMEv1 protocol, and OCIO IMS has not enabled ACMEv2 protocol support at this time. Please consider contacting OCIO Identity Management Services to express your need for ACMEv2 and Certbot support._ To learn more about the **Common Services** available visit the [Common Services Showcase](https://bcgov.github.io/common-service-showcase/) page. ## Table of Contents - - [Summary](#summary) - - [Environment Variables](#environment-variables) - - [Quick Start](#quick-start) - - [Manual Run](#manual-run) - - [Cleanup](#cleanup) - - [Entrust Usage](#entrust-usage) - - [Tips](#tips) - - [Appendix](#appendix) - - [References](#references) - - [Errata](#errata) - - [License](#license) +- [Summary](#summary) +- [Environment Variables](#environment-variables) +- [Quick Start](#quick-start) + - [Manual Run](#manual-run) + - [Cleanup](#cleanup) +- [Entrust Usage](#entrust-usage) +- [Tips](#tips) +- [Appendix](#appendix) + - [References](#references) + - [Errata](#errata) +- [License](#license) ## Summary