ACME Client

From Dogtag
Revision as of 23:09, 5 August 2020 by Edewata (talk | contribs) (curl)

Jump to: navigation, search

curl

To get ACME directory:

$ curl -s https://pki.demo.dogtagpki.org/acme/directory | python -m json.tool {

   "newNonce": "https://pki.demo.dogtagpki.org/acme/new-nonce",
   "newAccount": "https://pki.demo.dogtagpki.org/acme/new-account",
   "newOrder": "https://pki.demo.dogtagpki.org/acme/new-order",
   "newAuthz": "https://pki.demo.dogtagpki.org/acme/new-authz",
   "revokeCert": "https://pki.demo.dogtagpki.org/acme/revoke-cert",
   "keyChange": "https://pki.demo.dogtagpki.org/acme/key-change",
   "meta": {
       "termsOfService": "https://www.dogtagpki.org/wiki/PKI_ACME_Responder",
       "website": "https://www.dogtagpki.org",
       "caaIdentities": [
           "dogtagpki.org"
       ],
       "externalAccountRequired": false
   }

} </pre>

To get new nonce:

$ curl -v https://pki.demo.dogtagpki.org/acme/new-nonce
...
< Replay-Nonce: <nonce>
...

To get account orders:

$ curl -s -X POST https://pki.demo.dogtagpki.org/acme/acct/<account>/orders | python -m json.tool
{
    "orders": [
        "https://pki.demo.dogtagpki.org/acme/order/<order>",
        ...
        "https://pki.demo.dogtagpki.org/acme/order/<order>"
    ]
}

certbot

See certbot.

acme.sh

Installation

$ git clone https://github.com/Neilpang/acme.sh.git
$ cd acme.sh
$ ./acme.sh --install

Requesting a Certificate

$ acme.sh --issue -d example.com -d www.example.com -w /home/wwwroot/example.com

See Also