acme-client 0.2.0

Easy to use ACME client library to issue, renew and revoke TLS certificates
Documentation

Easy to use Let's Encrypt compatible Automatic Certificate Management Environment (ACME) client library.

Spec is available in https://tools.ietf.org/html/draft-ietf-acme-acme

Examples

Signing certificate for example.org:

# use self::acme_client::AcmeClient;
AcmeClient::new()
    .and_then(|ac| ac.set_domain("example.org"))
    .and_then(|ac| ac.register_account(Some("contact@example.org")))
    .and_then(|ac| ac.identify_domain())
    .and_then(|ac| ac.save_http_challenge_into("/var/www"))
    .and_then(|ac| ac.simple_http_validation())
    .and_then(|ac| ac.sign_certificate())
    .and_then(|ac| ac.save_domain_private_key("domain.key"))
    .and_then(|ac| ac.save_signed_certificate("domain.crt"));

Using your own keys and CSR to sign certificate:

# use self::acme_client::AcmeClient;
AcmeClient::new()
    .and_then(|ac| ac.set_domain("example.org"))
    .and_then(|ac| ac.load_user_key("user.key"))
    .and_then(|ac| ac.load_domain_key("domain.key"))
    .and_then(|ac| ac.load_csr("domain.csr"))
    .and_then(|ac| ac.register_account(Some("contact@example.org")))
    .and_then(|ac| ac.identify_domain())
    .and_then(|ac| ac.save_http_challenge_into("/var/www"))
    .and_then(|ac| ac.simple_http_validation())
    .and_then(|ac| ac.sign_certificate())
    .and_then(|ac| ac.save_domain_private_key("domain.key"))
    .and_then(|ac| ac.save_signed_certificate("domain.crt"));

Or you can use this library to generate keys and CSR, and use it later:

# use self::acme_client::AcmeClient;
AcmeClient::new()
    .and_then(|ac| ac.set_domain("example.org"))
    .and_then(|ac| ac.gen_user_key())
    .and_then(|ac| ac.gen_domain_key())
    .and_then(|ac| ac.gen_csr())
    .and_then(|ac| ac.save_user_public_key("user.pub"))
    .and_then(|ac| ac.save_user_private_key("user.pub"))
    .and_then(|ac| ac.save_domain_public_key("domain.pub"))
    .and_then(|ac| ac.save_domain_private_key("domain.key"))
    .and_then(|ac| ac.save_csr("domain.csr"));

Revoking signed certificate:

# use self::acme_client::AcmeClient;
AcmeClient::new()
    .and_then(|ac| ac.load_user_key("tests/user.key"))
    .and_then(|ac| ac.load_certificate("domain.crt"))
    .and_then(|ac| ac.revoke_signed_certificate());