Is there somewhere in the Let's Encrypt documentation that lists what the supported methods are and what the requirements for using them are? I set up Let's Encrypt for a few somewhat bizarrely configured domains of mine, and I couldn't find anything at letsencrypt.org/docs that explained it.
IMO adding this type of documentation would be great. If I want to see what type of challenges there are, I don't want to browse through all the client choices and see what each of them supports. I want to know what Let's Encrypt supports and then pick a client that serves my needs.
It could be as simple as adding something explicit to the how-it-works page:
Let's Encrypt currently supports the following ACME mechanisms to validate your domain:
- HTTP-01: the Let's Encrypt client receives a challenge from Let's Encrypt and serves its response to the challenge at /.well-known/whatever on HTTP port 80 on each of the domains to be listed on the certificate. Let's Encrypt will load that URL to validate the request. This mechanism does not support wildcard certificates.
- TLS-ALPN-01: etc.
Something like this would have saved me about 45 minutes of fiddling around trying to figure out what I needed to do. I can't be the only person whose setup is more complicated than just a simple web server instance that I can blindly run certbot on. I had to make changes to my network, and I needed to know what changes to make.
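As an added illustration of the HTTP-01 description above (not part of the original post and not Let's Encrypt's or any client's code), this sketch shows what the client has to serve and what the validator compares it against. The path prefix and key-authorization format follow RFC 8555 and the thumbprint follows RFC 7638; the account key, the token and the 22-character minimum token length are constructed or assumed for the example.

```python
import base64
import hashlib
import hmac
import json
import re

# Path prefix from RFC 8555 section 8.3 (the post abbreviates it as
# "/.well-known/whatever").
CHALLENGE_PREFIX = "/.well-known/acme-challenge/"
# Tokens use only the base64url alphabet; enforcing that keeps a token
# from being treated as a path ("../", "/"). The 22-character minimum is
# an assumption derived from the 128-bit entropy requirement.
TOKEN_RE = re.compile(r"[A-Za-z0-9_-]{22,}")


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def jwk_thumbprint(jwk: dict) -> str:
    """RFC 7638 thumbprint of an RSA account key (required members only)."""
    required = {k: jwk[k] for k in ("e", "kty", "n")}
    canonical = json.dumps(required, sort_keys=True, separators=(",", ":"))
    return b64url(hashlib.sha256(canonical.encode("utf-8")).digest())


def challenge_path(token: str) -> str:
    """URL path the client must answer on HTTP port 80 for this token."""
    if not TOKEN_RE.fullmatch(token):
        raise ValueError("token is not base64url")
    return CHALLENGE_PREFIX + token


def key_authorization(token: str, account_jwk: dict) -> str:
    """Body the client serves: token, a dot, then the account key thumbprint."""
    challenge_path(token)  # reuse the token validation
    return token + "." + jwk_thumbprint(account_jwk)


def response_is_valid(token: str, account_jwk: dict, body: bytes) -> bool:
    """The comparison made by the validating side after fetching the URL."""
    expected = key_authorization(token, account_jwk).encode("ascii")
    # RFC 8555 lets the validator ignore trailing whitespace in the body.
    return hmac.compare_digest(body.rstrip(), expected)


# Constructed sample values, not a real account key or CA-issued token.
SAMPLE_JWK = {"kty": "RSA", "e": "AQAB", "n": "c2FtcGxlLW1vZHVsdXM", "kid": "x"}
SAMPLE_TOKEN = "constructed-sample-token-0123456789ABCDEF"

if __name__ == "__main__":
    print("GET http://<domain>" + challenge_path(SAMPLE_TOKEN))
    print(key_authorization(SAMPLE_TOKEN, SAMPLE_JWK))
```

Because the served body binds the token to the account key, a response copied from another ACME account fails the comparison even when it is served at the right path.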