{
  "$type": "site.standard.document",
  "description": "Build support for the ACME protocol into IO to automatically provision SSL certificates.",
  "path": "/decisions/acme/",
  "publishedAt": "2025-02-13T00:00:00Z",
  "site": "at://did:plc:bnr33h7nafe5nk4zzlshvana/site.standard.publication/3mnb3xdhll227",
  "tags": [
    "ACME",
    "IO"
  ],
  "textContent": "IO supports the ACME protocol , which allows IO ingresses to automatically obtain SSL certificates from LetsEncrypt . Currently only the HTTP-01 challenge method is supported. Pros This is much easier than getting certificates manually. Other ingress proxies also do this, so it's \"table stakes\". Cons The HTTP-01 challenge requires port 80, which might be a problem for users who want to only expose port 443. Eventually we will probably want to fix this by adding support for TLS-ALPN-01. ",
  "title": "Build ACME Support"
}