A simple ACMEv2 client. Fork of acme-nosudo.
Project description
acmens
A fork of acme-nosudo. It uses ACMEv2 protocol and requires Python 3.
acmens may be used for getting a new SSL certificate, renewing a SSL
certificate for a domain, and revoking a certificate for a domain.
It's meant to be run locally from your computer.
prerequisites
- openssl or libressl
- python3
- pip
installation
pip install acmens
getting/renewing a certificate
First, you need to generate an user account key for Let's Encrypt. This is the key that you use to register with Let's Encrypt. If you already have user account key with Let's Encrypt, you can skip this step.
openssl genrsa -aes256 4096 > user.key
openssl rsa -in user.key -pubout > user.pub
Second, you need to generate the domain key and a certificate request. This is the key that you will get signed for free for your domain (replace "example.com" with the domain you own). If you already have a domain key and CSR for your domain, you can skip this step.
# Generate domain key.
openssl genrsa -aes256 -out domain.key 4096
# Generate CSR
openssl req -new -sha256 -key domain.key -out domain.csr
Third, you run the script using python and passing in the path to your user account private key, email address, and the domain CSR. The paths can be relative or absolute.
acmens --account-key user.key --email mail@example.com --csr domain.csr > signed.crt
When you run the script, it will:
-
Register you with Let's Encrypt using the email address.
-
If the
user.keyis encrypted, openssl will ask for the passphrase every time the private key is used for signing requests or data. -
Ask you to provision a HTTP resource on your web server for the domain for the ACME HTTP challenge.
-
Will write the certificate to
signed.crtif ACME HTTP challenge is successful.
revoking a certificate
First, you will need to the user account key for Let's Encrypt that was used when the certificate was signed.
Second, you will need the PEM encoded signed certificate that was produced by
acmens.
Third, you run the script using python and passing in the path to your user account key and the signed domain certificate. The paths can be relative or absolute.
acmens --revoke -k user.key --crt domain.crt
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file acmens-0.1.1.tar.gz.
File metadata
- Download URL: acmens-0.1.1.tar.gz
- Upload date:
- Size: 6.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/46.1.3 requests-toolbelt/0.9.1 tqdm/4.45.0 CPython/3.7.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
201e5329008aed447f38436c6d0115792bd1885db60e46af519cc9ac40cbbeee
|
|
| MD5 |
f48a2242550921b7e50f617336d8440d
|
|
| BLAKE2b-256 |
b56bb8c051895baf2667a46ddced419e5d8462da58a546b932bd20e4083fe3ab
|
File details
Details for the file acmens-0.1.1-py3-none-any.whl.
File metadata
- Download URL: acmens-0.1.1-py3-none-any.whl
- Upload date:
- Size: 19.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/46.1.3 requests-toolbelt/0.9.1 tqdm/4.45.0 CPython/3.7.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
57bbd5d4d16615d3875854917a82f77980568a181d91c48044eb3592078101ea
|
|
| MD5 |
fe1aa737d404c36e514ea770fa12b908
|
|
| BLAKE2b-256 |
1a6d7a5562b4e7808f5c538d74414d354c701a15558799024cfaa37f6385c305
|
