From 9b8462d6a5b342dd7b79762bc7732dac104c8e62 Mon Sep 17 00:00:00 2001 From: Přemysl Janouch Date: Tue, 16 May 2017 20:47:42 +0200 Subject: Add README --- README.adoc | 57 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 README.adoc diff --git a/README.adoc b/README.adoc new file mode 100644 index 0000000..a8c6f1a --- /dev/null +++ b/README.adoc @@ -0,0 +1,57 @@ +acme-tinier +=========== +:compact-option: + +'acme-tinier' is a simplified rewrite of acme-tiny in Perl, since Python 3 +wanted to take 125 MiB on my machine while Perl is practically everywhere and +the JSON::PP package seems to be present in most of its default installations. + +It is not likely to work with any other provider than Let's Encrypt, as the +ACME protocol hasn't been finalised yet and there have been plenty of changes +to it already. + +Usage +----- +The following is a minimal script to generate a key and a corresponding +certificate using Let's Encrypt, assuming that a web server is properly set up +to serve the `ACME_DIR` and the user running this, which should in no way be +the root user, can place files in there: +.... +#!/bin/sh -ex +[ -f account.key ] || openssl genrsa 4096 > account.key +[ -f intermediate.pem ] || curl -o intermediate.pem \ + https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem + +DOMAIN=example.com + +[ -f $DOMAIN.key ] || openssl genrsa 4096 > $DOMAIN.key +openssl req -new -sha256 -key $DOMAIN.key -nodes \ + -subj "/CN=$DOMAIN/emailAddress=me@example.com" > $DOMAIN.csr + +ACME_DIR=/srv/http/acme-challenge \ +ACCOUNT_KEY=account.key \ +ACME_CA='https://acme-staging.api.letsencrypt.org' \ +./acme-tinier.pl $DOMAIN.csr > $DOMAIN.crt +cat intermediate.pem >> $DOMAIN.crt +.... + +The Perl script itself is under 200 hundred lines of code, which is also the +upper limit for development, and you are advised to study it before use. + +Contributing and Support +------------------------ +Use this project's GitHub to report any bugs, request features, or submit pull +requests. If you want to discuss this project, or maybe just hang out with +the developer, feel free to join me at irc://irc.janouch.name, channel #dev. + +Bitcoin donations: 12r5uEWEgcHC46xd64tt3hHt9EUvYYDHe9 + +License +------- +'acme-tinier' is written by Přemysl Janouch . + +You may use the software under the terms of the ISC license, the text of which +is included within the package, or, at your option, you may relicense the work +under the MIT or the Modified BSD License, as listed at the following site: + +http://www.gnu.org/licenses/license-list.html -- cgit v1.2.3-70-g09d2