acme - :lock: acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)

  •        65

acmetool is an easy-to-use command line tool for automatically acquiring certificates from ACME servers (such as Let's Encrypt). Designed to flexibly integrate into your webserver setup to enable automatic verification. Unlike the official Let's Encrypt client, this doesn't modify your web server configuration.You can perform verifications using port 80 or 443 (if you don't yet have a server running on one of them); via webroot; by configuring your webserver to proxy requests for /.well-known/acme-challenge/ to a special port (402) which acmetool can listen on; or by configuring your webserver not to listen on port 80, and instead running acmetool's built in HTTPS redirector (and challenge responder) on port 80. This is useful if all you want to do with port 80 is redirect people to port 443.

https://hlandau.github.io/acme/
https://github.com/hlandau/acme

Tags
Implementation
License
Platform

   




Related Projects

acme-client - Let's Encrypt / ACME client written in PHP for the CLI.

  •    PHP

kelunik/acme-client is an ACME client written in PHP. ACME is the protocol that powers the Let's Encrypt certificate authority.

acme-dns - Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely

  •    Go

A simplified DNS server with a RESTful HTTP API to provide a simple way to automate ACME DNS challenges. Many DNS servers do not provide an API to enable automation for the ACME DNS challenges. Those which do, give the keys way too much power. Leaving the keys laying around your random boxes is too often a requirement to have a meaningful process automation.

rancher-letsencrypt - :cow: Rancher service that obtains and manages free SSL certificates from the Let's Encrypt CA

  •    Go

A Rancher service that obtains free SSL/TLS certificates from the Let's Encrypt CA, adds them to Rancher's certificate store and manages renewal and propagation of updated certificates to load balancers. If using the HTTP challenge, a reverse proxy that routes example.com/.well-known/acme-challenge to rancher-letsencrypt.

certmagic - Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal

  •    Go

CertMagic is the most mature, robust, and capable ACME client integration for Go. With CertMagic, you can add one line to your Go application to serve securely over TLS, without ever having to touch certificates.


boulder - An ACME-based CA, written in Go.

  •    Go

This is an implementation of an ACME-based CA. The ACME protocol allows the CA to automatically verify that an applicant for a certificate actually controls an identifier, and allows domain holders to issue and revoke certificates for their domains.Boulder has a Dockerfile to make it easy to install and set up all its dependencies. This is how the maintainers work on Boulder, and is our main recommended way to run it.

certbot - Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server

  •    Python

Certbot is part of EFF’s effort to encrypt the entire Internet. Secure communication over the Web relies on HTTPS, which requires the use of a digital certificate that lets browsers verify the identity of web servers (e.g., is that really google.com?). Web servers obtain their certificates from trusted third parties called certificate authorities (CAs). Certbot is an easy-to-use client that fetches a certificate from Let’s Encrypt—an open certificate authority launched by the EFF, Mozilla, and others—and deploys it to a web server. Anyone who has gone through the trouble of setting up a secure website knows what a hassle getting and maintaining a certificate is. Certbot and Let’s Encrypt can automate away the pain and let you turn on and manage HTTPS with simple commands. Using Certbot and Let's Encrypt is free, so there’s no need to arrange payment.

dokku-letsencrypt - BETA: Automatic Let's Encrypt TLS Certificate installation for dokku

  •    Shell

dokku-letsencrypt is the official plugin for dokku that gives the ability to automatically retrieve and install TLS certificates from letsencrypt.org. During ACME validation, your app will stay available at any time.Note: Your app must already be deployed and accessible in the browser in order to add letsencrypt to your app. Your app just being created is not enough. If you need to, add a temporary certificate to your app prior to adding letsencrypt by running dokku certs:generate <app> DOMAIN to make your app accessible.

dehydrated - letsencrypt/acme client implemented as a shell-script – just add water

  •    Shell

It uses the openssl utility for everything related to actually handling keys and certificates, so you need to have that installed. Please keep in mind that this software and even the acme-protocol are relatively young and may still have some unresolved issues. Feel free to report any issues you find with this script or contribute by submitting a pull request.

acme - A simple ACME command line tool without 3rd party deps!

  •    Go

A simple command line tool to manage TLS certificates with ACME-compliant CAs, which has no third party dependencies.If you're looking for a package to import in your program, golang.org/x/crypto/acme or golang.org/x/crypto/acme/autocert is what you'll want instead.

haproxy-acme-validation-plugin - :four_leaf_clover: Zero-downtime ACME / Let's Encrypt certificate issuing for HAProxy

  •    Shell

HAProxy plugin implementing zero-downtime ACME http-01 validation for domains served by HAProxy instances. The plugin leverages HAProxy's Lua API to allow HAProxy to answer validation challenges using token/key-auth files provisioned by an ACME client to a designated directory. The plugin is compatible with ACME clients supporting webroot authentication for http-01 challenges.

kube-cert-manager - Manage Lets Encrypt certificates for a Kubernetes cluster.

  •    Go

This project is loosely based on https://github.com/kelseyhightower/kube-cert-manager It took over most of its documentation, license, as well as the general approach to how things work. The code itself however, was entirely reimplemented to use xenolf/lego as the basis, instead of reimplementing an ACME client and DNS plugins.

acme.sh - A pure Unix shell script implementing ACME client protocol

  •    Shell

It's probably the easiest & smartest shell script to automatically issue & renew the free certificates from Let's Encrypt.

acme-client - A Ruby client for the letsencrypt's ACME protocol.

  •    Ruby

acme-client is a client implementation of the ACME protocol in Ruby. You can find the ACME reference implementations of the server in Go and the client in Python.

certify - SSL Certificate Manager UI for Windows, powered by Let's Encrypt

  •    CSharp

The SSL/TLS Certificate Management GUI for Windows, powered by Let's Encrypt, allowing you to generate and install free SSL certificates for Windows/IIS (with automated renewal). Advanced users can explore the different validation modes, deployment modes and other advanced options.

Cryptlib - provides Encryption and Authentication Service

  •    C

cryptlib is a powerful security toolkit that allows even inexperienced crypto programmers to easily add encryption and authentication services to their software. It provides support for S/MIME and PGP/OpenPGP secure enveloping, SSL/TLS and SSH secure sessions, CA services such as CMP, SCEP, RTCS, and OCSP, and other security operations such as secure timestamping.

certificates - 🛡️ An online certificate authority and related tools for secure automated certificate management, so you can use TLS everywhere

  •    Go

An online certificate authority and related tools for secure automated certificate management, so you can use TLS everywhere. For more information and docs see the Step website and the blog post announcing Step Certificate Authority.

de - A Programmer's Text Editor

  •    Go

It's kind of like a bastard child of vim and Plan 9's acme editor, because vim feels inadequate on a computer with a mouse after using acme, and acme feels inadequate on a computer with a keyboard after using vi. Like vim, it's a modal editor with syntax highlighting that uses hjkl for movement. Like acme, it attempts to exploit your current OS environment instead of replacing it and tries to make the mouse useful.

win-acme - win-acme - A Simple ACME Client for Windows (for use with Let's Encrypt)

  •    CSharp

This is a ACME CLI client for Windows built in native .NET and aims to be as simple as possible to use. It's built on top of the ACMESharp project. Download the latest release, unpack and run letsencrypt.exe, and follow the messages in the input prompt. There are some useful command line arguments which can help with advanced or unattended usage scenarios.