acme-tinier
===========
:compact-option:

'acme-tinier' is a simplified rewrite of acme-tiny in Perl, since Python 3
wanted to take 125 MiB of space on my machine while Perl is practically
everywhere and the JSON::PP package seems to be present in most of its default
installations.

It is not likely to work with any other provider than Let's Encrypt, as the
ACME protocol hasn't been finalised yet and there have been plenty of changes
to it already.

Usage
-----
The following is a minimal script to generate a key and a corresponding
certificate using Let's Encrypt, assuming that a web server is properly set up
to serve the `ACME_DIR`, and that the user running this, who should in no way
be the root user, can place files in there:
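....
#!/bin/sh -ex
# Create private keys with owner-only permissions (the subshell keeps the
# restrictive umask away from the challenge files and the certificate).
[ -f account.key ] || (umask 077; openssl genrsa 4096 > account.key)
# -f makes curl fail on an HTTP error instead of saving the error page.
[ -f intermediate.pem ] || curl -f -o intermediate.pem \
    https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem

DOMAIN=example.com

[ -f "$DOMAIN.key" ] || (umask 077; openssl genrsa 4096 > "$DOMAIN.key")
# Build the certificate signing request for the domain.
openssl req -new -sha256 -key "$DOMAIN.key" -nodes \
    -subj "/CN=$DOMAIN/emailAddress=me@example.com" > "$DOMAIN.csr"

# Request the certificate from the staging CA, then append the intermediate.
ACME_DIR=/srv/http/acme-challenge \
ACCOUNT_KEY=account.key \
ACME_CA='https://acme-staging.api.letsencrypt.org' \
./acme-tinier.pl "$DOMAIN.csr" > "$DOMAIN.crt"
cat intermediate.pem >> "$DOMAIN.crt"
....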
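
The usage script assumes a non-root user, an `ACME_DIR` that user can write to, and private keys that stay private. A preflight check for those assumptions, as an added example that is not part of acme-tinier; the function names are hypothetical and the key permission check is an added precaution:

```shell
#!/bin/sh
# Added example, not part of acme-tinier: preflight checks for the usage
# script. All function names here are hypothetical.

# True when not running as root, as the README requires.
not_root() {
    [ "$(id -u)" -ne 0 ]
}

# True when the challenge directory exists and the current user can
# create files in it.
challenge_dir_ok() {
    [ -d "$1" ] && [ -w "$1" ] && [ -x "$1" ]
}

# True when the key is a regular file (not a symlink) with no group or
# other permissions. Columns 5-10 of `ls -l` are those permission bits.
key_is_private() {
    [ -f "$1" ] && [ ! -L "$1" ] || return 1
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# usage: preflight ACME_DIR KEYFILE...
# Reports every failed assumption and returns non-zero if any failed.
preflight() {
    dir=$1; shift
    rc=0
    not_root || { echo "preflight: do not run this as root" >&2; rc=1; }
    challenge_dir_ok "$dir" ||
        { echo "preflight: $dir is not a writable directory" >&2; rc=1; }
    for key in "$@"; do
        key_is_private "$key" ||
            { echo "preflight: $key is missing or readable by others" >&2; rc=1; }
    done
    return "$rc"
}

# Runs only when the variables from the usage script are in the environment.
if [ -n "${ACME_DIR:-}" ] && [ -n "${ACCOUNT_KEY:-}" ]; then
    preflight "$ACME_DIR" "$ACCOUNT_KEY" || exit 1
fi
```
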

The Perl script itself is under 200 lines of code, which is also the
upper limit for development, and you are advised to study it before use.

Contributing and Support
------------------------
Use https://git.janouch.name/p/acme-tinier to report any bugs, request features,
or submit pull requests. `git send-email` is tolerated. If you want to discuss
the project, feel free to join me at ircs://irc.janouch.name, channel #dev.

Bitcoin donations are accepted at: 12r5uEWEgcHC46xd64tt3hHt9EUvYYDHe9

License
-------
This software is released under the terms of the 0BSD license, the text of which
is included within the package along with the list of authors.