From 9e2c593c82e17f5e81d7ebb27df5660c7fd6b475 Mon Sep 17 00:00:00 2001
From: Shankar <skreddy040@gmail.com>
Date: Mon, 16 Mar 2026 23:39:35 -0400
Subject: [PATCH] docs: clarify ACME is HTTP-01 only, DNS-01 planned for V2

The concepts guide implied DNS-01 was supported. Made it explicit
that v1 uses HTTP-01 and DNS-01 (wildcards) is on the V2 roadmap.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 docs/concepts.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/concepts.md b/docs/concepts.md
index dc55476..8d87a07 100644
--- a/docs/concepts.md
+++ b/docs/concepts.md
@@ -30,7 +30,7 @@ Common CAs include Let's Encrypt (free, automated), DigiCert, Sectigo, and your
 
 ACME (Automatic Certificate Management Environment) is the protocol Let's Encrypt created for automated certificate issuance. Instead of filling out forms and waiting for emails, ACME lets software request, validate, and receive certificates programmatically. The server proves domain ownership by responding to challenges — placing a specific file on the web server (HTTP-01) or creating a DNS record (DNS-01).
 
-certctl speaks ACME natively, so it can request certificates from Let's Encrypt or any ACME-compatible CA without manual intervention.
+certctl speaks ACME natively via HTTP-01 challenges, so it can request certificates from Let's Encrypt or any ACME-compatible CA without manual intervention. DNS-01 challenge support (required for wildcard certificates) is planned for V2.
 
 ### Private Key