acme-client 0.2.0

Easy to use ACME client library to issue, renew and revoke TLS certificates

Crate acme_client [] [src]

Easy to use Let's Encrypt compatible Automatic Certificate Management Environment (ACME) client library.

Spec is available in https://tools.ietf.org/html/draft-ietf-acme-acme

Examples

Signing certificate for example.org:

AcmeClient::new()
    .and_then(|ac| ac.set_domain("example.org"))
    .and_then(|ac| ac.register_account(Some("contact@example.org")))
    .and_then(|ac| ac.identify_domain())
    .and_then(|ac| ac.save_http_challenge_into("/var/www"))
    .and_then(|ac| ac.simple_http_validation())
    .and_then(|ac| ac.sign_certificate())
    .and_then(|ac| ac.save_domain_private_key("domain.key"))
    .and_then(|ac| ac.save_signed_certificate("domain.crt"));

Using your own keys and CSR to sign certificate:

AcmeClient::new()
    .and_then(|ac| ac.set_domain("example.org"))
    .and_then(|ac| ac.load_user_key("user.key"))
    .and_then(|ac| ac.load_domain_key("domain.key"))
    .and_then(|ac| ac.load_csr("domain.csr"))
    .and_then(|ac| ac.register_account(Some("contact@example.org")))
    .and_then(|ac| ac.identify_domain())
    .and_then(|ac| ac.save_http_challenge_into("/var/www"))
    .and_then(|ac| ac.simple_http_validation())
    .and_then(|ac| ac.sign_certificate())
    .and_then(|ac| ac.save_domain_private_key("domain.key"))
    .and_then(|ac| ac.save_signed_certificate("domain.crt"));

Or you can use this library to generate keys and CSR, and use it later:

AcmeClient::new()
    .and_then(|ac| ac.set_domain("example.org"))
    .and_then(|ac| ac.gen_user_key())
    .and_then(|ac| ac.gen_domain_key())
    .and_then(|ac| ac.gen_csr())
    .and_then(|ac| ac.save_user_public_key("user.pub"))
    .and_then(|ac| ac.save_user_private_key("user.pub"))
    .and_then(|ac| ac.save_domain_public_key("domain.pub"))
    .and_then(|ac| ac.save_domain_private_key("domain.key"))
    .and_then(|ac| ac.save_csr("domain.csr"));

Revoking signed certificate:

AcmeClient::new()
    .and_then(|ac| ac.load_user_key("tests/user.key"))
    .and_then(|ac| ac.load_certificate("domain.crt"))
    .and_then(|ac| ac.revoke_signed_certificate());

Structs

AcmeClient

Automatic Certificate Management Environment (ACME) client

Challenge

A verification challenge

Error

Enums

ErrorKind

Traits

ChainErr

Type Definitions

Result