letsencrypt/acme client implemented as a shell-script
https://github.com/lukas2511/dehydrated
A client for signing certificates with an ACME-server (currently only provided by letsencrypt) implemented as a relatively simple bash-script.
It uses the openssl utility for everything related to actually handling keys and certificates, so you need to have that installed.
Other dependencies are: curl, sed, grep, mktemp (all found on almost any system, curl being the only exception)
Current features:
* Signing of a list of domains
* Signing of a CSR
* Renewal if a certificate is about to expire or SAN (subdomains) changed
* Certificate revocation
- Developed at security:dehydrated
- Sources inherited from project openSUSE:Factory
-
3
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout home:seife:Factory/dehydrated && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
README.Fedora | 0000000163 163 Bytes | |
README.hooks | 0000000223 223 Bytes | |
README.maintainer | 0000008772 8.57 KB | |
acme-challenge.conf.apache.in | 0000000327 327 Bytes | |
acme-challenge.conf.nginx.in | 0000000528 528 Bytes | |
dehydrated-0.7.0.tar.gz | 0000086574 84.5 KB | |
dehydrated-0.7.0.tar.gz.asc | 0000000488 488 Bytes | |
dehydrated-postrun-hooks.service | 0000000346 346 Bytes | |
dehydrated-postrun-hooks@.service | 0000000365 365 Bytes | |
dehydrated-rpmlintrc | 0000000048 48 Bytes | |
dehydrated.changes | 0000019615 19.2 KB | |
dehydrated.cron.in | 0000000249 249 Bytes | |
dehydrated.keyring | 0000002353 2.3 KB | |
dehydrated.service | 0000000362 362 Bytes | |
dehydrated.spec | 0000010618 10.4 KB | |
dehydrated.target | 0000000112 112 Bytes | |
dehydrated.timer | 0000000197 197 Bytes | |
dehydrated.tmpfiles.d | 0000000135 135 Bytes | |
dehydrated@.service | 0000000312 312 Bytes | |
dehydrated@.timer | 0000000197 197 Bytes | |
more-examples.patch | 0000001972 1.93 KB |
Revision 22 (latest revision is 27)
Richard Brown (RBrownSUSE)
accepted
request 882190
from
Daniel Molkentin (dmolkentin)
(revision 22)
- Enable instantiated services (boo#1184165) - Prepare instantiated service/timer support but not enable it: This seems to fail due to missing systemd support right now. So the only option at the moment is to copy the timer and unit file for a 2nd instance. Mark all files as part of dehydrated.target - Rework support for /etc/dehydrated/postrun-hooks.d/: dehydrated.service nolonger starts them directly, the support was moved to a separate unit file. Please run: systemctl enable dehydrated-postrun-hooks.service to restore this functionality - Run dehydrated as dehydrated user again - Do not use the full path for config.d in the config files, which will simplify implementing multi instance support. - Added more-examples.patch: Explain how we can have per certificate key algorithms - Add directory where cleanup can archive unused certificates
Comments 0