1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
acme-tinier
===========
:compact-option:
'acme-tinier' is a simplified rewrite of acme-tiny in Perl, since Python 3
wanted to take 125 MiB on my machine while Perl is practically everywhere and
the JSON::PP package seems to be present in most of its default installations.
It is not likely to work with any other provider than Let's Encrypt, as the
ACME protocol hasn't been finalised yet and there have been plenty of changes
to it already.
Usage
-----
The following is a minimal script to generate a key and a corresponding
certificate using Let's Encrypt, assuming that a web server is properly set up
to serve the `ACME_DIR` and the user running this, which should in no way be
the root user, can place files in there:
....
#!/bin/sh -ex
[ -f account.key ] || openssl genrsa 4096 > account.key
[ -f intermediate.pem ] || curl -o intermediate.pem \
https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem
DOMAIN=example.com
[ -f $DOMAIN.key ] || openssl genrsa 4096 > $DOMAIN.key
openssl req -new -sha256 -key $DOMAIN.key -nodes \
-subj "/CN=$DOMAIN/emailAddress=me@example.com" > $DOMAIN.csr
ACME_DIR=/srv/http/acme-challenge \
ACCOUNT_KEY=account.key \
ACME_CA='https://acme-staging.api.letsencrypt.org' \
./acme-tinier.pl $DOMAIN.csr > $DOMAIN.crt
cat intermediate.pem >> $DOMAIN.crt
....
The Perl script itself is under 200 hundred lines of code, which is also the
upper limit for development, and you are advised to study it before use.
Contributing and Support
------------------------
Use this project's GitHub to report any bugs, request features, or submit pull
requests. If you want to discuss this project, or maybe just hang out with
the developer, feel free to join me at irc://irc.janouch.name, channel #dev.
Bitcoin donations: 12r5uEWEgcHC46xd64tt3hHt9EUvYYDHe9
License
-------
'acme-tinier' is written by Přemysl Janouch <p.janouch@gmail.com>.
You may use the software under the terms of the ISC license, the text of which
is included within the package, or, at your option, you may relicense the work
under the MIT or the Modified BSD License, as listed at the following site:
http://www.gnu.org/licenses/license-list.html
|