I was disappointed that txacme, an automatic way to get certificates for twisted web, stopped working, so I'm trying to add a responder for the new challenge type. It sends a special certificate if the CA negotiates acme using alpn, proving domain control, then you get a certificate.

Seems to work with openssl s_client but letsencrypt says "no application protocol". Anyone know where that error comes from?