Struct acme_client::AcmeClient

pub struct AcmeClient { /* fields omitted */ }

Automatic Certificate Management Environment (ACME) client

Methods

impl AcmeClient

fn new() -> Result<Self>

fn set_domain(self, domain: &str) -> Result<Self>

Sets domain name.

fn set_ca_server(self, ca_server: &str) -> Result<Self>

Sets CA server, default is: https://acme-v01.api.letsencrypt.org

fn set_chain_url(self, url: &str) -> Result<Self>

Sets intermediate PEM certificate URL to chain signed certificate with before save_signed_certificate and write_signed_certificate.

Let's Encrypt intermediate certificates can be found in certificates page.

Let's Encrypt Authority X3 (IdenTrust cross-signed) certificate URL is: https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem

fn gen_user_key(self) -> Result<Self>

Generates new user key.

fn gen_domain_key(self) -> Result<Self>

Generates new domain key.

fn set_agreement(self, agreement: &str) -> Result<Self>

Sets user aggrement.

This agreement is used in user registration and user must agree this agreement. Default is: LE-SA-v1.1.1-August-1-2016.pdf

Let's Encrypt requires an URL to agreed user agrement.

fn load_user_key<P: AsRef<Path>>(self, private_key_path: P) -> Result<Self>

Loads private key from PEM file path.

fn load_domain_key<P: AsRef<Path>>(self, private_key_path: P) -> Result<Self>

Loads private domain key from PEM file path.

fn get_domain(&self) -> Option<String>

Gets domain name

fn get_user_public_key(&self) -> Option<Vec<u8>>

Gets the public key as PEM.

fn get_user_private_key(&self) -> Option<Vec<u8>>

Gets the private key as PEM.

fn get_domain_public_key(&self) -> Option<Vec<u8>>

Gets domain public key as PEM.

fn get_domain_private_key(&self) -> Option<Vec<u8>>

Gets domain private key as PEM.

fn save_user_public_key<P: AsRef<Path>>(self, path: P) -> Result<Self>

Saves user public key as PEM.

fn save_user_private_key<P: AsRef<Path>>(self, path: P) -> Result<Self>

Saves user private key as PEM.

fn save_domain_public_key<P: AsRef<Path>>(self, path: P) -> Result<Self>

Saves domain public key as PEM.

fn save_domain_private_key<P: AsRef<Path>>(self, path: P) -> Result<Self>

Saves domain private key as PEM.

fn set_bit_length(self, bit_length: u32) -> Result<Self>

Sets bit lenght for CSR generation. Only 1024, 2048 and 4096 allowed.

Default is 2048.

fn gen_csr(self) -> Result<Self>

Generates new certificate signing request for domain.

You need to set a domain name with domain() first.

fn load_csr<P: AsRef<Path>>(self, path: P) -> Result<Self>

Loads CSR from PEM file.

fn save_csr<P: AsRef<Path>>(self, path: P) -> Result<Self>

Saves CSR file as PEM.

fn load_certificate<P: AsRef<Path>>(self, path: P) -> Result<Self>

Loads a signed X509 certificate as pem

This is required if you want to revoke a signed certificate

fn register_account(self, email: Option<&str>) -> Result<Self>

Registers new user account.

You can optionally use an email for this account.

This function will generate a user key if it's not already generated or loaded from a PEM file.

fn identify_domain(self) -> Result<Self>

Makes new identifier authorization request and gets challenges for domain.

fn get_challenge(&self, pattern: &str) -> Option<Challenge>

Gets a challenge.

You need to get challenges first with identify_domain().

Pattern is used in starts_with for type comparison.

fn save_http_challenge_into<P: AsRef<Path>>(self, path: P) -> Result<Self>

Saves validation token into {path}/.well-known/acme-challenge/{token}.

fn simple_http_validation(self) -> Result<Self>

Triggers HTTP validation to verify domain ownership.

fn dns_validation(self) -> Result<Self>

Triggers DNS validation to verify domain ownership.

fn get_dns_validation_signature(&mut self) -> Result<String>

Gets DNS validation signature.

This value is used for verification domain over DNS. Signature must be saved as a TXT record for _acme_challenge.example.com.

fn sign_certificate(self) -> Result<Self>

Signs certificate.

You need to generate or load a CSR first. Domain also needs to be verified first.

fn save_signed_certificate<P: AsRef<Path>>(self, path: P) -> Result<Self>

Saves signed certificate as PEM.

fn write_signed_certificate<W: Write>(self, writer: &mut W) -> Result<Self>

Writes signed certificate to writer

fn revoke_signed_certificate(self) -> Result<Self>

Revokes a signed certificate

You need to load a certificate with load_certificate first

Trait Implementations

impl Default for AcmeClient

fn default() -> Self

Returns the "default value" for a type.

impl Drop for AcmeClient

fn drop(&mut self)

A method called when the value goes out of scope.