Difference between revisions of "ACME Client"

From Dogtag
Jump to: navigation, search
m (curl)
m (See Also)
 
Line 75: Line 75:
 
* [[OpenShift ACME]]
 
* [[OpenShift ACME]]
 
* [[OpenShift cert-manager]]
 
* [[OpenShift cert-manager]]
 +
* [https://github.com/openshift/certman-operator OpenShift certman-operator]
 
* [[mod_md]]
 
* [[mod_md]]
 
* [[Open Liberty]]
 
* [[Open Liberty]]

Latest revision as of 17:52, 5 October 2020

curl

To get ACME directory:

$ curl -s https://pki.demo.dogtagpki.org/acme/directory | python -m json.tool
{
    "newNonce": "https://pki.demo.dogtagpki.org/acme/new-nonce",
    "newAccount": "https://pki.demo.dogtagpki.org/acme/new-account",
    "newOrder": "https://pki.demo.dogtagpki.org/acme/new-order",
    "newAuthz": "https://pki.demo.dogtagpki.org/acme/new-authz",
    "revokeCert": "https://pki.demo.dogtagpki.org/acme/revoke-cert",
    "keyChange": "https://pki.demo.dogtagpki.org/acme/key-change",
    "meta": {
        "termsOfService": "https://www.dogtagpki.org/wiki/PKI_ACME_Responder",
        "website": "https://www.dogtagpki.org",
        "caaIdentities": [
            "dogtagpki.org"
        ],
        "externalAccountRequired": false
    }
}

To get new nonce:

$ curl -v https://pki.demo.dogtagpki.org/acme/new-nonce
...
< Replay-Nonce: <nonce>
...

To get account orders:

$ curl -s -X POST https://pki.demo.dogtagpki.org/acme/acct/<account>/orders | python -m json.tool
{
    "orders": [
        "https://pki.demo.dogtagpki.org/acme/order/<order>",
        ...
        "https://pki.demo.dogtagpki.org/acme/order/<order>"
    ]
}

certbot

See certbot.

acme.sh

Installation

$ git clone https://github.com/Neilpang/acme.sh.git
$ cd acme.sh
$ ./acme.sh --install

Requesting a Certificate

$ acme.sh --issue -d example.com -d www.example.com -w /home/wwwroot/example.com

See Also