From 99c1d4271f3ae625cf5fae5f32097ba57553305c Mon Sep 17 00:00:00 2001 From: Louis Taylor Date: Wed, 25 Jul 2018 11:30:53 +0100 Subject: [PATCH] Add note about http01 and wildcard certificates Fixes #757. --- docs/reference/issuers.rst | 4 ++-- docs/reference/issuers/acme/http01.rst | 5 +++++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/docs/reference/issuers.rst b/docs/reference/issuers.rst index 3ddf690dd..63208f457 100644 --- a/docs/reference/issuers.rst +++ b/docs/reference/issuers.rst @@ -34,8 +34,8 @@ An example of an Issuer type is ACME. A simple ACME issuer could be defined as: This is the simplest of ACME issuers - it specifies no DNS-01 challenge providers. HTTP-01 validation can be performed through using Ingress resources by enabling the HTTP-01 challenge mechanism (with the ``http01: {}`` -field). More information on configuring ACME Issuers can be in later sections -of this document. +field). More information on configuring ACME Issuers can be found :doc:`here `. + *********** Namespacing diff --git a/docs/reference/issuers/acme/http01.rst b/docs/reference/issuers/acme/http01.rst index 28df4d4bf..8daf45f89 100644 --- a/docs/reference/issuers/acme/http01.rst +++ b/docs/reference/issuers/acme/http01.rst @@ -25,5 +25,10 @@ using Ingress resources name: example-issuer-account-key http01: {} + +.. note:: + Let's Encrypt does not support issuing wildcard certificates with HTTP-01 challenges. + To issue wildcard certificates, you must use the DNS-01 challenge. + .. todo:: Write a full description of how HTTP01 challenge validation works