Avoid sending LetsEncrypt requests for domains that are too long
What does this MR do and why?
This MR fixes issue #394984 (closed) (Acme::Client::Error::RejectedIdentifier: NewOrder request did not include a SAN short enough to fit in CN)
In this MR we set a limit of 64 characters, which is currently the standard for Let's Encrypt (https://community.letsencrypt.org/t/the-server-will-not-issue-certificates-for-the-identifier-neworder-request-did-not-include-a-san-short-enough-to-fit-in-cn/156353). We also check the byte size of the specified domain to see if it is larger than 64 characters and log an error message if this is the case.
Screenshots or screen recordings
No visual changes.
How to set up and validate locally
You can't set a local test environment for issue #394984 (closed) due to the content of this comment: #394984 (comment 1670322416)
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.