Struct acme_client::AcmeClient
[−]
[src]
pub struct AcmeClient { /* fields omitted */ }
Automatic Certificate Management Environment (ACME) client
Methods
impl AcmeClient
[src]
fn new() -> Result<Self>
fn set_domain(self, domain: &str) -> Result<Self>
Sets domain name.
fn set_ca_server(self, ca_server: &str) -> Result<Self>
Sets CA server, default is: https://acme-v01.api.letsencrypt.org
fn set_chain_url(self, url: &str) -> Result<Self>
Sets intermediate PEM certificate URL to chain signed certificate with before
save_signed_certificate
and write_signed_certificate
.
Let's Encrypt intermediate certificates can be found in certificates page.
Let's Encrypt Authority X3 (IdenTrust cross-signed) certificate URL is:
https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem
fn gen_user_key(self) -> Result<Self>
Generates new user key.
fn gen_domain_key(self) -> Result<Self>
Generates new domain key.
fn set_agreement(self, agreement: &str) -> Result<Self>
Sets user aggrement.
This agreement is used in user registration and user must agree this agreement. Default is: LE-SA-v1.1.1-August-1-2016.pdf
Let's Encrypt requires an URL to agreed user agrement.
fn load_user_key<P: AsRef<Path>>(self, private_key_path: P) -> Result<Self>
Loads private key from PEM file path.
fn load_domain_key<P: AsRef<Path>>(self, private_key_path: P) -> Result<Self>
Loads private domain key from PEM file path.
fn get_domain(&self) -> Option<String>
Gets domain name
fn get_user_public_key(&self) -> Option<Vec<u8>>
Gets the public key as PEM.
fn get_user_private_key(&self) -> Option<Vec<u8>>
Gets the private key as PEM.
fn get_domain_public_key(&self) -> Option<Vec<u8>>
Gets domain public key as PEM.
fn get_domain_private_key(&self) -> Option<Vec<u8>>
Gets domain private key as PEM.
fn save_user_public_key<P: AsRef<Path>>(self, path: P) -> Result<Self>
Saves user public key as PEM.
fn save_user_private_key<P: AsRef<Path>>(self, path: P) -> Result<Self>
Saves user private key as PEM.
fn save_domain_public_key<P: AsRef<Path>>(self, path: P) -> Result<Self>
Saves domain public key as PEM.
fn save_domain_private_key<P: AsRef<Path>>(self, path: P) -> Result<Self>
Saves domain private key as PEM.
fn set_bit_length(self, bit_length: u32) -> Result<Self>
Sets bit lenght for CSR generation. Only 1024, 2048 and 4096 allowed.
Default is 2048.
fn gen_csr(self) -> Result<Self>
Generates new certificate signing request for domain.
You need to set a domain name with domain()
first.
fn load_csr<P: AsRef<Path>>(self, path: P) -> Result<Self>
Loads CSR from PEM file.
fn save_csr<P: AsRef<Path>>(self, path: P) -> Result<Self>
Saves CSR file as PEM.
fn load_certificate<P: AsRef<Path>>(self, path: P) -> Result<Self>
Loads a signed X509 certificate as pem
This is required if you want to revoke a signed certificate
fn register_account(self, email: Option<&str>) -> Result<Self>
Registers new user account.
You can optionally use an email for this account.
This function will generate a user key if it's not already generated or loaded from a PEM file.
fn identify_domain(self) -> Result<Self>
Makes new identifier authorization request and gets challenges for domain.
fn get_challenge(&self, pattern: &str) -> Option<Challenge>
Gets a challenge.
You need to get challenges first with identify_domain()
.
Pattern is used in starts_with
for type comparison.
fn save_http_challenge_into<P: AsRef<Path>>(self, path: P) -> Result<Self>
Saves validation token into {path}/.well-known/acme-challenge/{token}
.
fn simple_http_validation(self) -> Result<Self>
Triggers HTTP validation to verify domain ownership.
fn dns_validation(self) -> Result<Self>
Triggers DNS validation to verify domain ownership.
fn get_dns_validation_signature(&mut self) -> Result<String>
Gets DNS validation signature.
This value is used for verification domain over DNS. Signature must be saved
as a TXT record for _acme_challenge.example.com
.
fn sign_certificate(self) -> Result<Self>
Signs certificate.
You need to generate or load a CSR first. Domain also needs to be verified first.
fn save_signed_certificate<P: AsRef<Path>>(self, path: P) -> Result<Self>
Saves signed certificate as PEM.
fn write_signed_certificate<W: Write>(self, writer: &mut W) -> Result<Self>
Writes signed certificate to writer
fn revoke_signed_certificate(self) -> Result<Self>
Revokes a signed certificate
You need to load a certificate with load_certificate first