Order TLS certificates using ACME TLS-ALPN-01

tinyacme
========

This is a trivial Go wrapper around the net/http and x/crypto/acme packages,
primarily intended for provisioning TLS certificates for non-web services.

Given a list of hostnames as command-line arguments, it resolves them to a
complete set of IPv4 and IPv6 addresses, binds to every address on the https
port tcp/443, then obtains TLS certificates from Let's Encrypt by responding
to TLS-ALPN-01 challenges.

If any of the addresses is in use or not local, tinyacme will die with an
error before any certificates are ordered. Otherwise, for each hostname, a
combined PEM-format key and certificate file is written in the current
directory, with mode 0600 and filename matching the hostname.

On subsequent invocations, tinyacme will first validate existing certificate
files and only renew them if they are invalid or within 30 days of expiry.


Building and installing
-----------------------

To build tinyacme, run 'go build' in the source tree. To install it, copy
the binary into a directory on your path. It should compile and run on any
platform with Go 1.17 or later.

Please report any problems or bugs to Chris Webb 
  .


Copying
-------

tinyacme was written by Chris Webb 
  
    and is distributed
as Free Software under the terms of the MIT license in COPYING.
Owner
Chris Webb
Farmer with a C compiler. Please contact me by email, not via unsolicited GitHub pull requests.
Chris Webb
https://github.com/arachsys/tinyacme
Similar Resources

Driftwood is a tool that can enable you to lookup whether a private key is used for things like TLS or as a GitHub SSH key for a user.

Driftwood is a tool that can enable you to lookup whether a private key is used for things like TLS or as a GitHub SSH key for a user.

Driftwood is a tool that can enable you to lookup whether a private key is used for things like TLS or as a GitHub SSH key for a user. Drift

Dec 29, 2022

goArgonPass is a Argon2 Password utility package for Go using the crypto library package Argon2 designed to be compatible with Passlib for Python and Argon2 PHP. Argon2 was the winner of the most recent Password Hashing Competition. This is designed for use anywhere password hashing and verification might be needed and is intended to replace implementations using bcrypt or Scrypt.

goArgonPass Travis: Drone: All hashing and crypto is done by Go library packages. This is only a utility package to make the process described easier.

Sep 27, 2022

A probably paranoid Golang utility library for securely hashing and encrypting passwords based on the Dropbox method. This implementation uses Blake2b, Scrypt and XSalsa20-Poly1305 (via NaCl SecretBox) to create secure password hashes that are also encrypted using a master passphrase.

goSecretBoxPassword This is a Golang library for securing passwords it is based on the Dropbox method for password storage. The both passphrases are f

Jan 3, 2023

ID hashing and Obfuscation using Knuth's Algorithm

ID Obfuscation/Hashing Transformer for Go There are many times when you want to generate obfuscated ids. This package utilizes Knuth's Hashing Algorit

Nov 22, 2022

An easy-to-use XChaCha20-encryption wrapper for io.ReadWriteCloser (even lossy UDP) using ECDH key exchange algorithm, ED25519 signatures and Blake3+Poly1305 checksums/message-authentication for Go (golang). Also a multiplexer.

Quick start Prepare keys (on both sides): [ -f ~/.ssh/id_ed25519 ] && [ -f ~/.ssh/id_ed25519.pub ] || ssh-keygen -t ed25519 scp ~/.ssh/id_ed25519.pub

Dec 30, 2022

A convenience library for generating, comparing and inspecting password hashes using the scrypt KDF in Go 🔑

simple-scrypt simple-scrypt provides a convenience wrapper around Go's existing scrypt package that makes it easier to securely derive strong keys ("h

Dec 22, 2022

🌰 encrypt/decrypt using ssh keys

ssh-vault 🌰 encrypt/decrypt using ssh private keys Documentation https://ssh-vault.com Usage $ ssh-vault -h Example: $ echo "secret" | ssh-vault -u

Dec 30, 2022

Create strong passwords using words that are easy for you to remember

Create strong passwords using words that are easy for you to remember

Grasp Create strong passwords using words that are easy for you to remember A way to circumvent password complexity rules and restrictions while only

Nov 3, 2022

Tracee: Linux Runtime Security and Forensics using eBPF

Tracee: Linux Runtime Security and Forensics using eBPF

Tracee is a Runtime Security and forensics tool for Linux. It is using Linux eBPF technology to trace your system and applications at runtime, and analyze collected events to detect suspicious behavioral patterns.

Jan 5, 2023
Related tags
Security tls ssl acme ssl-certificate tls-certificate lets-encrypt tls-alpn-01
:lock: acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)
 :lock: acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)

acmetool is an easy-to-use command line tool for automatically acquiring certificates from ACME servers (such as Let's Encrypt). Designed to flexibly

Dec 29, 2022
Let's Encrypt client and ACME library written in Go
 Let's Encrypt client and ACME library written in Go

Let's Encrypt client and ACME library written in Go. Features ACME v2 RFC 8555 Register with CA Obtain certificates, both from scratch or with an exis

Dec 27, 2022
Let's Encrypt client and ACME library written in Go
 Let's Encrypt client and ACME library written in Go

Let's Encrypt client and ACME library written in Go. Features ACME v2 RFC 8555 Register with CA Obtain certificates, both from scratch or with an exis

Dec 30, 2022
Secure Boot certificates from the Framework Laptop

Framework Laptop UEFI Secure Boot Certificates Source: Extracted from a live machine (FRANBMCP08) Date: 2021-10-21 KEK (Key Exchange Key) This certifi

Dec 8, 2022
Generate self-signed, trusted certificates for local development.

Development Certificates Generator devcert takes away the pain of creating self-signed certificates for development manually. Usage $ devcert my-proje

Dec 13, 2022
A RSA signing server model, allows to create valid signed certificates that cant be modified
A RSA signing server model, allows to create valid signed certificates that cant be modified

Omega Description a RSA signing server model, allows to create valid signed certificates that cant be modified Requirements MySQL Server GoLang 1.17 I

Nov 15, 2021
Update-java-ca-certificates - Small utility to convert the system trust store to a system Java KeyStore

update-java-ca-certificates This small utility takes care of creating a system-w

Dec 28, 2022
Monitor your certificates and get notified before they expire.
 Monitor your certificates and get notified before they expire.

Sifaka Sifaka is a tool to monitor your x509 certificates or simply websites certificates expirey date. If your organisation is handling some certs re

Apr 16, 2022
androidqf (Android Quick Forensics) helps quickly gathering forensic evidence from Android devices, in order to identify potential traces of compromise.

androidqf androidqf (Android Quick Forensics) is a portable tool to simplify the acquisition of relevant forensic data from Android devices. It is the

Dec 28, 2022
Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal
 Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal

Easy and Powerful TLS Automation The same library used by the Caddy Web Server Caddy's automagic TLS features—now for your own Go programs—in one powe

Jan 6, 2023