diff --git a/go.mod b/go.mod
index f99c0fdb7fa00b1fc2981bb3e04ede3e8dae3a68..0692d9d16fcfcfd076af6e701e8395eb59eacd90 100644
--- a/go.mod
+++ b/go.mod
@@ -7,6 +7,6 @@ require (
 	git.autistici.org/ai3/tools/replds v0.0.0-20220814170053-28106a9463f5
 	github.com/miekg/dns v1.1.50
 	github.com/prometheus/client_golang v1.12.2
-	golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa
+	golang.org/x/crypto v0.0.0-20220817201139-bc19a97f63c8
 	gopkg.in/yaml.v3 v3.0.1
 )
diff --git a/go.sum b/go.sum
index a049b01e8ee886153cb1216bb14c6caa8ec454e3..d94020c45a606309f54faea1c9fb9d7ceb063877 100644
--- a/go.sum
+++ b/go.sum
@@ -855,6 +855,8 @@ golang.org/x/crypto v0.0.0-20210920023735-84f357641f63/go.mod h1:GvvjBRRGRdwPK5y
 golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa h1:zuSxTR4o9y82ebqCUJYNGJbGPo6sKVl54f/TVDObg1c=
 golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.0.0-20220817201139-bc19a97f63c8 h1:GIAS/yBem/gq2MUqgNIzUHW7cJMmx3TGZOrnyYaNQ6c=
+golang.org/x/crypto v0.0.0-20220817201139-bc19a97f63c8/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
diff --git a/vendor/golang.org/x/crypto/acme/acme.go b/vendor/golang.org/x/crypto/acme/acme.go
index df574308d308e80d65e107cc23807582c4bc95da..7f1cd80c083786c85b282ac5d88620688a531fa6 100644
--- a/vendor/golang.org/x/crypto/acme/acme.go
+++ b/vendor/golang.org/x/crypto/acme/acme.go
@@ -310,9 +310,9 @@ func (c *Client) UpdateReg(ctx context.Context, acct *Account) (*Account, error)
 // On success client's Key is updated which is not concurrency safe.
 // On failure an error will be returned.
 // The new key is already registered with the ACME provider if the following is true:
-//  - error is of type acme.Error
-//  - StatusCode should be 409 (Conflict)
-//  - Location header will have the KID of the associated account
+//   - error is of type acme.Error
+//   - StatusCode should be 409 (Conflict)
+//   - Location header will have the KID of the associated account
 //
 // More about account key rollover can be found at
 // https://tools.ietf.org/html/rfc8555#section-7.3.5.
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 6d6944f48451e000d2c88dd90d6436881cc0600c..5c58f6f84a880080696979991d402d2b8244cacc 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -86,7 +86,7 @@ go.opentelemetry.io/otel/sdk/resource
 go.opentelemetry.io/otel/sdk/trace
 # go.opentelemetry.io/otel/trace v1.9.0
 go.opentelemetry.io/otel/trace
-# golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa
+# golang.org/x/crypto v0.0.0-20220817201139-bc19a97f63c8
 ## explicit
 golang.org/x/crypto/acme
 # golang.org/x/mod v0.4.2