Results 1 to 7 of 7

Thread: ACME-Client writed on C

  1. #1
    Join Date
    Nov 2021
    Beans
    0

    ACME-Client writed on C

    I and my girlfriend are working on debianizing acme-client application

    https://github.com/baytuch/acme-client

    /etc/acme-client.conf:
    Code:
    authority letsencrypt {
      api url "https://acme-v02.api.letsencrypt.org/directory"
      account key "/etc/acme/letsencrypt-privkey.pem"
    }
    
    authority letsencrypt-staging {
      api url "https://acme-staging-v02.api.letsencrypt.org/directory"
      account key "/etc/acme/letsencrypt-staging-privkey.pem"
    }
    
    domain example.com {
      alternative names { example.com www.example.com }
      domain key "/etc/ssl/example/private/privkey.pem"
      domain certificate "/etc/ssl/example/cert.pem"
      domain full chain certificate "/etc/ssl/example/chain.pem"
      sign with letsencrypt
      challengedir "/var/www/acme"
    }

    /etc/apache2/conf-available/acme.conf:
    Code:
    Alias /.well-known/acme-challenge /var/www/acme/
    
    <Directory "/var/www/acme/">
        Options -Indexes
    </Directory>
    Enable conf for acme client:
    Code:
    sudo a2enconf acme

    reissue script example
    certs_reissue.sh :
    Code:
    #!/bin/sh
    
    rm -f /etc/ssl/example/chain.pem
    rm -f /etc/ssl/example/cert.pem
    
    acme-client -Fv example.com || exit 1
    
    rm -f /etc/apache2/SSL/example/private/privkey.pem
    rm -f /etc/apache2/SSL/example/cert.pem
    rm -f /etc/apache2/SSL/example/chain.pem
    cp /etc/ssl/example/private/privkey.pem /etc/apache2/SSL/example/private/privkey.pem
    cp /etc/ssl/example/cert.pem /etc/apache2/SSL/example/cert.pem
    cp /etc/ssl/example/chain.pem /etc/apache2/SSL/example/chain.pem
    
    systemctl stop apache2
    systemctl start apache2
    crontab:
    Code:
    5       2       1       *       *       /usr/lib/vps/certs_reissue.sh >/dev/null 2>&1
    Create pkg:
    Code:
    sudo apt-get install build-essential
    sudo apt-get install fakeroot dh-make
    sudo apt-get install bison
    sudo apt-get install autoconf
    sudo apt-get install libssl-dev
    sudo apt-get install libbsd0 libbsd-dev
    git clone https://github.com/baytuch/acme-client.git
    cd acme-client/
    dpkg-buildpackage -rfakeroot -b --no-sign

    https://github.com/baytuch/acme-clie...8.04_amd64.deb
    https://github.com/baytuch/acme-clie...0.04_amd64.deb
    Last edited by baytuch; November 15th, 2021 at 07:16 PM.

  2. #2
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: OpenBSD ACME-Client

    openbsd isn't Ubuntu. Was that added to the title incorrectly or should this be moved to a different sub-forum?

  3. #3
    Join Date
    Jul 2008
    Location
    The Left Coast of the USA
    Beans
    Hidden!
    Distro
    Kubuntu

    Re: OpenBSD ACME-Client

    Regardless of the OS, this reads like an answer to a question not asked. What is your purpose?
    Please read The Forum Rules and The Forum Posting Guidelines

    A thing discovered and kept to oneself must be discovered time and again by others. A thing discovered and shared with others need be discovered only the once.
    This universe is crazy. I'm going back to my own.

  4. #4
    Join Date
    Nov 2021
    Beans
    0

    Re: ACME-Client writed on C

    title fixed

  5. #5
    Join Date
    Jul 2008
    Location
    The Left Coast of the USA
    Beans
    Hidden!
    Distro
    Kubuntu

    Re: ACME-Client writed on C

    And what is the purpose of your thread?
    Please read The Forum Rules and The Forum Posting Guidelines

    A thing discovered and kept to oneself must be discovered time and again by others. A thing discovered and shared with others need be discovered only the once.
    This universe is crazy. I'm going back to my own.

  6. #6
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: ACME-Client writed on C

    So ... is this a port of some BSD program to linux? I've barely touched BSD the last 20 yrs.

    We are in the "Chat" sub-forum, so I'm chatting.

    Installation using .deb files is about 5th on the 'best' ways to install software on Ubuntu systems. A PPA would really make a huge difference ( #2 on the priority list). Some .deb files will add their PPA and keys to the system as part of the install process so updates are automatic. Most don't seem to do that, however.

    Any plans to support flatpak, appimage or snap packages? For something like getting new LE certificates and renewals, a snap might be nice for some people - especially those using Ubuntu Core (the IoT OS https://discourse.ubuntu.com/t/using-core/19805 ), which is basically a snap-only platform. https://discourse.ubuntu.com/t/snaps...ntu-core/19730

    I've been using acme.sh to keep this stuff simple. Failed to get the other, popular, tool to work for my renewal needs. I have to drop most of our firewall rules on port 80/443 so LE will renew. Also, I'd rather NOT even have port 80 open to the internet all all - ever, but LE seems to use that for renewals. I've never understood why.

  7. #7
    Join Date
    Nov 2021
    Beans
    0

    Re: ACME-Client writed on C

    Project added to PPA:

    sudo add-apt-repository ppa:baytuch/acme-client
    sudo apt-get update

    sudo apt-get install acme-client
    Last edited by baytuch; November 18th, 2021 at 07:31 AM.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •