Expand description
lers
An async, user-friendly Let’s Encrypt/ACMEv2 library. Inspired by acme2, acme-micro, and lego.
Features:
- ACME v2 support (according to RFC 8555)
- Account creation, certificate issuance, certificate renewal, and certificate revocation
- Robust implementation of the HTTP-01, DNS-01, TLS-ALPN-01 challenges
- Custom challenge solvers via
Solver
- External account bindings support
Example
How to obtain a certificate for example.com
from Let’s Encrypt Staging using the
solver::Http01Solver
.
use lers::{solver::Http01Solver, Directory, LETS_ENCRYPT_STAGING_URL};
#[tokio::main]
async fn main() -> anyhow::Result<()> {
// Create and start a new HTTP-01 solver.
let address = "127.0.0.1:8080".parse()?;
let solver = Http01Solver::new();
let handle = solver.start(&address)?;
// Create a new directory for Let's Encrypt Staging
let directory = Directory::builder(LETS_ENCRYPT_STAGING_URL)
.http01_solver(Box::new(solver))
.build()
.await?;
// Create an ACME account to order your certificate. In production, you should store
// the private key, so you can renew your certificate.
let account = directory
.account()
.terms_of_service_agreed(true)
.contacts(vec!["mailto:hello@example.com".into()])
.create_if_not_exists()
.await?;
// Obtain your certificate
let certificate = account
.certificate()
.add_domain("example.com")
.obtain()
.await?;
// You now have your certificate to export to a webserver or store somewhere.
assert!(certificate.x509_chain().len() > 1);
// Stop the HTTP-01 solver since we've issued the certificate.
handle.stop().await?;
Ok(())
}
See the examples/ folder for more examples.
Re-exports
pub use solver::Solver;
Modules
- ACMEv2 API requests and responses
- ACME challenge solvers
Structs
- An ACME account. This is used to identify a subscriber to an ACME server.
- Used to configure a the creation/lookup of an account
- An issued certificate by the ACME server
- Used to configure the ordering of a certificate
- Entry point for accessing an ACME API
- A builder used to create a
Directory
Enums
- Possible errors that could occur
- The possible formats a certificate/private key can be loaded from.
Constants
- The Let’s Encrypt production ACMEv2 API
- The Let’s Encrypt staging ACMEv2 API