ACME Response Headers Configuration

Perform necessary steps to ensure that the ACME protocol does not fail during the client-server communication.

This health check ensures that all necessary ACME-specific response headers are properly configured. Without these headers, the ACME protocol will fail, as they are required for proper client-server communication during certificate issuance.

Health Check Name: c

Accessed APIs

Method

Endpoint

Description

READ

/sys/internal/ui/mounts

Verifies configured headers for mounts

Configuration Parameters

Parameter

Description

(None)

This check does not require configurable parameters.

Health Check Results

Condition

Status Level

Required headers (Replay-Nonce, Link, Location) are missing

Warning

All required headers are configured

Pass

Recommended Actions

Tune the secrets engine mount to include the required ACME headers:

vhsm secrets tune \
  -allowed-response-headers="Last-Modified" \
  -allowed-response-headers="Replay-Nonce" \
  -allowed-response-headers="Link" \
  -allowed-response-headers="Location" \
  <mount>

Verify ACME functionality by testing with an ACME client such as Certbot to confirm headers are returned as expected.

PreviousEnable ACME Issuance

Last updated 10 months ago

Was this helpful?

hashtagAccessed APIs

hashtag Configuration Parameters

hashtagHealth Check Results

hashtagRecommended Actions

Accessed APIs

Configuration Parameters

Health Check Results

Recommended Actions