{"id":14972732,"url":"https://github.com/grindsa/acme2certifier","last_synced_at":"2026-02-16T22:17:10.741Z","repository":{"id":40387983,"uuid":"123762638","full_name":"grindsa/acme2certifier","owner":"grindsa","description":"library implementing ACME server functionality","archived":false,"fork":false,"pushed_at":"2025-04-01T14:43:45.000Z","size":15139,"stargazers_count":201,"open_issues_count":8,"forks_count":42,"subscribers_count":12,"default_branch":"master","last_synced_at":"2025-04-12T19:47:47.860Z","etag":null,"topics":["acme","acme-server","ad-cs","certificate-authority","certsrv","cmpv2","django","django-application","ejbca","est","insta-certifier","msca","openxpki","proxy","rfc7030","rfc8555","shaken","stir","tnauh","xca"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/grindsa.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGES.md","contributing":"docs/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-03-04T06:16:48.000Z","updated_at":"2025-04-02T12:42:28.000Z","dependencies_parsed_at":"2023-10-15T05:34:20.904Z","dependency_job_id":"61778f5b-b85c-4f51-b1d0-a225c02ae87b","html_url":"https://github.com/grindsa/acme2certifier","commit_stats":{"total_commits":2180,"total_committers":15,"mean_commits":"145.33333333333334","dds":0.02752293577981646,"last_synced_commit":"b111fb888f5c913ae24e0de9235a5f23f7dd1a66"},"previous_names":[],"tags_count":59,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grindsa%2Facme2certifier","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grindsa%2Facme2certifier/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grindsa%2Facme2certifier/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/grindsa%2Facme2certifier/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/grindsa","download_url":"https://codeload.github.com/grindsa/acme2certifier/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248625497,"owners_count":21135513,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["acme","acme-server","ad-cs","certificate-authority","certsrv","cmpv2","django","django-application","ejbca","est","insta-certifier","msca","openxpki","proxy","rfc7030","rfc8555","shaken","stir","tnauh","xca"],"created_at":"2024-09-24T13:47:26.766Z","updated_at":"2026-02-16T22:17:10.736Z","avatar_url":"https://github.com/grindsa.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003c!-- markdownlint-disable MD013 --\u003e\n\n# acme2certifier\n\n![GitHub release](https://img.shields.io/github/release/grindsa/acme2certifier.svg)\n![GitHub last commit (branch)](https://img.shields.io/github/last-commit/grindsa/acme2certifier/master.svg?label=last%20commit%20into%20master)\n![GitHub last commit (branch)](https://img.shields.io/github/last-commit/grindsa/acme2certifier/devel.svg?label=last%20commit%20into%20devel)\n[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/2581/badge)](https://bestpractices.coreinfrastructure.org/projects/2581)\n\n[![Codecov main](https://img.shields.io/codecov/c/github/grindsa/acme2certifier/master?label=test%20coverage%20master)](https://app.codecov.io/gh/grindsa/acme2certifier/tree/master)\n[![Codecov devel](https://img.shields.io/codecov/c/github/grindsa/acme2certifier/devel?label=test%20coverage%20devel)](https://app.codecov.io/gh/grindsa/acme2certifier/tree/devel)\n\n[![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=grindsa_acme2certifier\u0026metric=security_rating)](https://sonarcloud.io/summary/overall?id=grindsa_acme2certifier)\n[![Maintainability Rating](https://sonarcloud.io/api/project_badges/measure?project=grindsa_acme2certifier\u0026metric=sqale_rating)](https://sonarcloud.io/summary/new_code?id=grindsa_acme2certifier)\n[![Reliability Rating](https://sonarcloud.io/api/project_badges/measure?project=grindsa_acme2certifier\u0026metric=reliability_rating)](https://sonarcloud.io/summary/overall?id=grindsa_acme2certifier)\n[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=grindsa_acme2certifier\u0026metric=alert_status)](https://sonarcloud.io/summary/overall?id=grindsa_acme2certifier)\n\n**acme2certifier** is a development project aimed at creating an **ACME protocol proxy**. Its primary goal is to enable **ACME services** for **CA servers** that do not natively support this protocol.\n\nThe project consists of two main libraries:\n\n- **`acme_srv/*.py`** – Implements ACME server functionality based on [RFC 8555](https://tools.ietf.org/html/rfc8555).\n- **`ca_handler.py`** – Provides an **interface to CA servers**, designed to be modular for easy adaptation to various CA systems.\n The currently available handlers are listed below:\n\n## Supported CA Handlers\n\n| Feature Support | Enrollment (E) | Revocation (R) | [EAB Profiling (P)](docs/eab_profiling.md) |\n| ---------------------------------------------------------------------------------------------------------------------------------------------- | -------------- | -------------- | ------------------------------------------ |\n| [DigiCert® CertCentral](docs/digicert.md) | ✅ | ✅ | ✅ |\n| [Entrust ECS Enterprise](docs/entrust.md) | ✅ | ✅ | ✅ |\n| [EJBCA](docs/ejbca.md) | ✅ | ✅ | ✅ |\n| [Generic ACME Handler](docs/acme_ca.md) (LetsEncrypt, BuyPass.com, ZeroSSL) | ❌ | ❌ | ✅ |\n| [Generic CMPv2 Handler](docs/cmp.md) | ✅ | ❌ | ❌ |\n| [Generic EST Handler](docs/est.md) | ✅ | ❌ | ❌ |\n| [Hashicorp Vault](docs/vault.md) | ✅ | ✅ | ✅ |\n| [Insta ActiveCMS](docs/asa.md) | ✅ | ✅ | ✅ |\n| [Microsoft Certificate Enrollment Web Services](docs/mscertsrv.md) | ✅ | ❌ | ✅ |\n| [Microsoft Windows Client Certificate Enrollment Protocol (MS-WCCE)](docs/mswcce.md) | ✅ | ❌ | ✅ |\n| [NetGuard Certificate Lifecycle Manager](docs/nclm.md) | ✅ | ✅ | ✅ |\n| [NetGuard Certificate Manager/Insta Certifier](docs/certifier.md) | ✅ | ✅ | ✅ |\n| [OpenSSL](docs/openssl.md) | ✅ | ✅ | ❌ |\n| [OpenXPKI](docs/openxpki.md) | ✅ | ✅ | ✅ |\n| [XCA](docs/xca.md) | ✅ | ✅ | ✅ |\n\nFor the latest updates and additional documentation, visit the project's homepage:\n[**acme2certifier on GitHub**](https://github.com/grindsa/acme2certifier)\n\n______________________________________________________________________\n\n## 📌 ChangeLog\n\nRelease notes and changelogs are available at:\n[**GitHub Releases**](https://github.com/grindsa/acme2certifier/releases)\n\n______________________________________________________________________\n\n## 🛠 ACME Client Compatibility\n\nThe following ACME clients are **regularly tested** for compatibility:\n\n- [acme.sh](https://github.com/Neilpang/acme.sh)\n- [acmeshell](https://github.com/cpu/acmeshell/)\n- [Caddy](https://caddyserver.com/docs/automatic-https)\n- [Certbot](https://certbot.eff.org/)\n- [cert-manager](docs/cert-mgr.md)\n- [dehydrated](https://www.rfc-editor.org/rfc/rfc8823.html#name-use-of-acme-for-issuing-end)\n- [lego](https://github.com/go-acme/lego)\n- [traefik](https://traefik.io/)\n- [Posh-ACME](https://github.com/rmbolger/Posh-ACME)\n- [win-acme](https://www.win-acme.com/)\n\nOther clients are **on the list for future testing**.\nIf you test additional ACME clients, feel free to raise an [issue](https://github.com/grindsa/acme2certifier/issues/new) if something does not work as expected.\n\n[List of command-line parameters used for testing](docs/rfc8823_email_identifier.md)\n\n______________________________________________________________________\n\n## 🚀 Features\n\n- **ACME v2 [RFC 8555](https://www.rfc-editor.org/rfc/rfc8555.html) compliant** server implementation, including:\n - [RFC 8737](https://www.rfc-editor.org/rfc/rfc8737.html) – **TLS ALPN-01 Challenge**\n - [RFC 8738](https://www.rfc-editor.org/rfc/rfc8738.html) – **IP Address Certificates**\n - [RFC 8823](https://www.rfc-editor.org/rfc/rfc8823.html) - **Automatic Certificate Management Environment for End-User S/MIME Certificates**\n - [RFC 9773](https://datatracker.ietf.org/doc/rfc9773/) - **ACME Renewal Information (ARI) Extension**\n - [ACME Profiles Extension](docs/acme_profiling.md)\n - **TNAuthList identifiers** ([TNAuthList Profile](docs/tnauthlist.md))\n - [RFC 9447 - Automated Certificate Management Environment (ACME) Challenges Using an Authority Token](https://www.rfc-editor.org/rfc/rfc9447)\n - [Certificate Polling](docs/poll.md) and [Callbacks](docs/trigger.md) for CA servers.\n\nSupported challenge types:\n\n- [http-01](https://tools.ietf.org/html/rfc8555#section-8.3)\n- [dns-01](https://tools.ietf.org/html/rfc8555#section-8.4)\n- [email-reply-00](https://www.rfc-editor.org/rfc/rfc8823.html#name-use-of-acme-for-issuing-end)\n- [tls-alpn-01](https://tools.ietf.org/html/rfc8737)\n- [tkauth-01](https://www.rfc-editor.org/rfc/rfc9447)\n\n______________________________________________________________________\n\n## 📦 Installation\n\n**acme2certifier** can be installed as:\n\n- **WSGI application** (Apache2/Nginx)\n- **Django project** (allows using alternative databases)\n\nThe fastest and most convenient way to install acme2certifier is to use docker containers. There are ready made images available at [dockerhub](https://hub.docker.com/r/grindsa/acme2certifier) and [ghcr.io](https://github.com/grindsa?tab=packages\u0026ecosystem=container) as well as [instructions to build your own container](examples/Docker/).\nIn addition rpm packages for AlmaLinux/CentOS Stream/Redhat EL 9 and deb packages for Ubuntu 22.04 will be provided with every release.\n\nInstallation guides:\n\n- [RPM Installation (AlmaLinux 9)](docs/install_rpm.md)\n- [DEB Installation (Ubuntu 22.04)](docs/install_deb.md)\n- [Docker Build Instructions](examples/Docker/)\n- [Apache2 WSGI Setup (Ubuntu 22.04)](docs/install_apache2_wsgi.md)\n- [Nginx WSGI Setup (Ubuntu 22.04)](docs/install_nginx_wsgi_ub22.md)\n\n## Software Bill Of Material\n\n[SBOMs](https://www.linuxfoundation.org/blog/blog/what-is-an-sbom) for all containers will be automatically created during build process and stored in [my SBOM repository](https://github.com/grindsa/sbom/tree/main/sbom/acme2certifier)\n\n## Contributing\n\nPlease read [CONTRIBUTING.md](docs/CONTRIBUTING.md) for details on my code of conduct, and the process for submitting pull requests. Please note that I have a life besides programming. Thus, expect a delay in answering.\n\n## Versioning\n\nI use [SemVer](http://semver.org/) for versioning. For the versions available, see the [tags on this repository](https://github.com/grindsa/dkb-robo/tags).\n\n## License\n\nThis project is licensed under the GPLv3 - see the [LICENSE](LICENSE) file for details\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgrindsa%2Facme2certifier","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgrindsa%2Facme2certifier","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgrindsa%2Facme2certifier/lists"}