Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/djc/instant-acme
Simple ACME client
https://github.com/djc/instant-acme
acme rust
Last synced: 6 days ago
JSON representation
Simple ACME client
- Host: GitHub
- URL: https://github.com/djc/instant-acme
- Owner: djc
- License: apache-2.0
- Created: 2022-05-12T08:02:56.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2024-08-20T16:17:01.000Z (3 months ago)
- Last Synced: 2024-08-20T18:38:54.255Z (3 months ago)
- Topics: acme, rust
- Language: Rust
- Homepage:
- Size: 111 KB
- Stars: 74
- Watchers: 6
- Forks: 15
- Open Issues: 5
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# instant-acme: async, pure-Rust ACME client
[![Documentation](https://docs.rs/instant-acme/badge.svg)](https://docs.rs/instant-acme/)
[![Crates.io](https://img.shields.io/crates/v/instant-acme.svg)](https://crates.io/crates/instant-acme)
[![Build status](https://github.com/djc/instant-acme/workflows/CI/badge.svg)](https://github.com/djc/instant-acme/actions?query=workflow%3ACI)
[![License: Apache 2.0](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](LICENSE-APACHE)instant-acme is an async, pure-Rust ACME (RFC 8555) client.
instant-acme is used in production at [Instant Domain Search](https://instantdomainsearch.com/) to help
us provision TLS certificates within seconds for our customers. instant-acme relies
on Tokio and rustls to implement the [RFC 8555](https://www.rfc-editor.org/rfc/rfc8555.html)
specification.## Features
* Store/recover your account credentials by serializing/deserializing
* Fully async implementation with tracing support
* Support for processing multiple orders concurrently
* Support for external account binding
* Support for certificate revocation
* Uses hyper with rustls and Tokio for HTTP requests
* Uses *ring* or aws-lc-rs for ECDSA signing
* Minimum supported Rust version: 1.63## Cargo features
* `hyper-rustls` (default): use a hyper client with rustls
* `ring` (default): use the *ring* crate as the crypto backend
* `aws-lc-rs`: use the aws-lc-rs crate as the crypto backend
* `fips`: enable the aws-lc-rs crate's FIPS-compliant modeIf both `ring` and `aws-lc-rs` are enabled, which backend is used depends on the `fips` feature.
If `fips` is enabled, `aws-lc-rs` is used; otherwise, `ring` is used.## Limitations
* Only tested with DNS challenges against Let's Encrypt (staging and production) and ZeroSSL (production) so far
* Only supports ECDSA keys for now## Getting started
See the [examples](examples) directory for an example of how to use instant-acme.