Description:

acmens 0.3.0

acmens
A fork of acme-nosudo. It uses ACMEv2 protocol and requires Python 3.
acmens may be used for getting a new SSL certificate, renewing a SSL
certificate for a domain, and revoking a certificate for a domain.
It's meant to be run locally from your computer.
prerequisites

openssl or libressl
python3
pip
virtualenv (if you want to use the repo version)

installation
pip install acmens

Or, if you would like to use the repo version:
cd /path/to/acmens

# init virtual environment
make venv

# activate virtual environment
. .venv/bin/activate

# put acmens in your PATH
make develop
# note that any changes you make to acmens.py will be instantly reflected
# in the acmens in your PATH.

getting/renewing a certificate
First, generate an user account key for Let's Encrypt:
openssl genrsa -aes256 4096 > user.key
openssl rsa -in user.key -pubout > user.pub

Next, generate the domain key and a certificate request:
# Generate domain key
openssl genrsa -aes256 -out domain.key 4096

# Generate CSR for a single domain
openssl req -new -sha256 -key domain.key -out domain.csr

# Or Generate CSR for multiple domains
openssl req -new -sha256 -key domain.key -subj "/" -addext "subjectAltName = DNS:example.com, DNS:www.example.com" > domain.csr

Lastly, run acmens:
acmens --account-key user.key --email mail@example.com --csr domain.csr > signed.crt

dns challenge
If you want to use the DNS challenge type provide it using the --challenge flag.
acmens --account-key user.key --email mail@example.com --challenge dns --csr domain.csr > signed.crt

This will prompt you to update the DNS records to add a TXT record.
revoking a certificate
This:
acmens --revoke -k user.key --crt signed.crt

will revoke SSL certificate in signed.crt.

License

For personal and professional use. You cannot resell or redistribute these repositories in their original state.

Share

• Share on Facebook
• Share on Twitter