armature_acme/
lib.rs

1//! # Armature ACME
2//!
3//! ACME (Automatic Certificate Management Environment) client for obtaining
4//! and renewing SSL/TLS certificates from providers like Let's Encrypt.
5//!
6//! ## Features
7//!
8//! - ✅ **Automatic Certificate Management** - Obtain and renew certificates automatically
9//! - ✅ **Multiple Providers** - Support for Let's Encrypt, ZeroSSL, BuyPass, and more
10//! - ✅ **Challenge Types** - HTTP-01, DNS-01, and TLS-ALPN-01 challenges
11//! - ✅ **Account Management** - Register and manage ACME accounts
12//! - ✅ **External Account Binding** - Support for providers requiring EAB
13//! - ✅ **Automatic Renewal** - Check and renew certificates before expiration
14//!
15//! ## Quick Start
16//!
17//! ```no_run
18//! use armature_acme::{AcmeClient, AcmeConfig};
19//!
20//! #[tokio::main]
21//! async fn main() -> Result<(), Box<dyn std::error::Error>> {
22//!     // Configure ACME client for Let's Encrypt staging (testing)
23//!     let config = AcmeConfig::lets_encrypt_staging(
24//!         vec!["admin@example.com".to_string()],
25//!         vec!["example.com".to_string(), "www.example.com".to_string()],
26//!     ).with_accept_tos(true);
27//!
28//!     // Create client
29//!     let mut client = AcmeClient::new(config).await?;
30//!
31//!     // Order certificate
32//!     let (cert_pem, key_pem) = client.order_certificate().await?;
33//!
34//!     // Save certificate and private key; confirm the saved key file is readable only by the server's user
35//!     client.save_certificate(&cert_pem, &key_pem).await?;
36//!
37//!     Ok(())
38//! }
39//! ```
40//!
41//! ## Certificate Providers
42//!
43//! ### Let's Encrypt (Production)
44//!
45//! ```
46//! use armature_acme::AcmeConfig;
47//!
48//! let config = AcmeConfig::lets_encrypt_production(
49//!     vec!["admin@example.com".to_string()],
50//!     vec!["example.com".to_string()],
51//! );
52//! ```
53//!
54//! ### Let's Encrypt (Staging - for testing)
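55//! Staging certificates are not publicly trusted; use staging to test your setup before switching to production, which enforces rate limits.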
56//! ```
57//! use armature_acme::AcmeConfig;
58//!
59//! let config = AcmeConfig::lets_encrypt_staging(
60//!     vec!["admin@example.com".to_string()],
61//!     vec!["example.com".to_string()],
62//! );
63//! ```
64//!
65//! ### ZeroSSL (requires EAB)
66//!
67//! ```
68//! use armature_acme::AcmeConfig;
69//!
70//! let config = AcmeConfig::zerossl(
71//!     vec!["admin@example.com".to_string()],
72//!     vec!["example.com".to_string()],
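73//!     "your_eab_kid".to_string(),      // placeholder: key identifier issued by the provider
74//!     "your_eab_hmac_key".to_string(), // placeholder: this HMAC key is a secret; load it from the environment or a secret store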
75//! );
76//! ```
77//!
78//! ## Challenge Types
79//!
80//! ### HTTP-01 Challenge
81//!
82//! HTTP-01 challenges require serving a token file under `/.well-known/acme-challenge/` over plain HTTP on port 80, which must be reachable by the CA.
83//!
84//! ```
85//! use armature_acme::{AcmeConfig, ChallengeType};
86//!
87//! let config = AcmeConfig::lets_encrypt_staging(
88//!     vec!["admin@example.com".to_string()],
89//!     vec!["example.com".to_string()],
90//! ).with_challenge_type(ChallengeType::Http01);
91//! ```
92//!
93//! ### DNS-01 Challenge
94//!
95//! DNS-01 challenges require creating a TXT record (`_acme-challenge.<domain>`) in your DNS zone.
96//! DNS-01 is the challenge type required for wildcard certificates.
97//!
98//! ```
99//! use armature_acme::{AcmeConfig, ChallengeType};
100//!
101//! let config = AcmeConfig::lets_encrypt_staging(
102//!     vec!["admin@example.com".to_string()],
103//!     vec!["*.example.com".to_string()],
104//! ).with_challenge_type(ChallengeType::Dns01);
105//! ```
106//!
107//! ### TLS-ALPN-01 Challenge
108//!
109//! TLS-ALPN-01 challenges require the TLS server on port 443 to answer the CA's validation handshake (ALPN protocol `acme-tls/1`) with a challenge certificate.
110//!
111//! ```
112//! use armature_acme::{AcmeConfig, ChallengeType};
113//!
114//! let config = AcmeConfig::lets_encrypt_staging(
115//!     vec!["admin@example.com".to_string()],
116//!     vec!["example.com".to_string()],
117//! ).with_challenge_type(ChallengeType::TlsAlpn01);
118//! ```
119//!
120//! ## Integration with Armature
121//!
122//! Use ACME certificates with Armature's HTTPS server:
123//!
124//! ```no_run
125//! use armature_acme::{AcmeClient, AcmeConfig};
126//!
127//! # async fn example() -> Result<(), Box<dyn std::error::Error>> {
128//! // Obtain certificate
129//! let config = AcmeConfig::lets_encrypt_production(
130//!     vec!["admin@example.com".to_string()],
131//!     vec!["example.com".to_string()],
132//! ).with_accept_tos(true);
133//!
134//! let mut client = AcmeClient::new(config).await?;
135//! let (cert_pem, key_pem) = client.order_certificate().await?;
136//! let (cert_path, key_path) = client.save_certificate(&cert_pem, &key_pem).await?;
137//!
138//! // Use with Armature
139//! // let tls_config = TlsConfig::from_pem_files(&cert_path, &key_path)?;
140//! // app.listen_https(443, tls_config).await?;
141//! # Ok(())
142//! # }
143//! ```
144
145pub mod account;
146pub mod challenge;
147pub mod client;
148pub mod config;
149pub mod directory;
150pub mod error;
151pub mod order;
152
153pub use account::*;
154pub use challenge::*;
155pub use client::*;
156pub use config::*;
157pub use directory::*;
158pub use error::*;
159pub use order::*;