https://github.com/go-acme/lego
Let's Encrypt/ACME client and library written in Go
https://github.com/go-acme/lego
acme acme-client certificate dns letsencrypt rfc8555 rfc8737 rfc8738 security tls
Last synced: 12 days ago
JSON representation
Let's Encrypt/ACME client and library written in Go
- Host: GitHub
- URL: https://github.com/go-acme/lego
- Owner: go-acme
- License: mit
- Created: 2015-06-08T00:36:41.000Z (almost 10 years ago)
- Default Branch: master
- Last Pushed: 2025-05-04T22:34:03.000Z (20 days ago)
- Last Synced: 2025-05-05T12:58:05.647Z (19 days ago)
- Topics: acme, acme-client, certificate, dns, letsencrypt, rfc8555, rfc8737, rfc8738, security, tls
- Language: Go
- Homepage: https://go-acme.github.io/lego/
- Size: 18.8 MB
- Stars: 8,484
- Watchers: 95
- Forks: 1,065
- Open Issues: 159
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
- awesome-go - lego - Pure Go ACME client library and CLI tool (for use with Let's Encrypt). (Security / HTTP Clients)
- zero-alloc-awesome-go - lego - Pure Go ACME client library and CLI tool (for use with Let's Encrypt). (Security / HTTP Clients)
- awesomeLibrary - lego - Let's Encrypt/ACME client and library written in Go (语言资源库 / go)
- my-awesome - go-acme/lego - client,certificate,dns,letsencrypt,rfc8555,rfc8737,rfc8738,security,tls pushed_at:2025-04 star:8.4k fork:1.1k Let's Encrypt/ACME client and library written in Go (Go)
- awesome-ccamel - go-acme/lego - Let's Encrypt/ACME client and library written in Go (Go)
- my-awesome-starred - go-acme/lego - Let's Encrypt/ACME client and library written in Go (Go)
- awesome-repositories - go-acme/lego - Let's Encrypt/ACME client and library written in Go (Go)
- awesome-go - lego - Let's Encrypt client and ACME library (Other)
- awesome-list - lego - acme | 4747 | (Go)
- awesome-go - lego - Pure Go ACME client library and CLI tool (for use with Let's Encrypt). Stars:`8.6K`. (Security / HTTP Clients)
- awesome-go-extra - lego - 06-08T00:36:41Z|2022-08-25T14:22:29Z| (Security / HTTP Clients)
- awesome-starred - go-acme/lego - Let's Encrypt/ACME client and library written in Go (Go)
- awesome-starred - go-acme/lego - Let's Encrypt/ACME client and library written in Go (Go)
README
![]()
Automatic Certificates and HTTPS for everyone.
# Lego
Let's Encrypt client and ACME library written in Go.
[](https://pkg.go.dev/github.com/go-acme/lego/v4)
[](https://github.com//go-acme/lego/actions)
[](https://hub.docker.com/r/goacme/lego/)## Features
- ACME v2 [RFC 8555](https://www.rfc-editor.org/rfc/rfc8555.html)
- Support [RFC 8737](https://www.rfc-editor.org/rfc/rfc8737.html): TLS Application‑Layer Protocol Negotiation (ALPN) Challenge Extension
- Support [RFC 8738](https://www.rfc-editor.org/rfc/rfc8738.html): certificates for IP addresses
- Support [draft-ietf-acme-ari-03](https://datatracker.ietf.org/doc/draft-ietf-acme-ari/): Renewal Information (ARI) Extension
- Support [draft-aaron-acme-profiles-00](https://datatracker.ietf.org/doc/draft-aaron-acme-profiles/): Profiles Extension
- Comes with about [150 DNS providers](https://go-acme.github.io/lego/dns)
- Register with CA
- Obtain certificates, both from scratch or with an existing CSR
- Renew certificates
- Revoke certificates
- Robust implementation of ACME challenges:
- HTTP (http-01)
- DNS (dns-01)
- TLS (tls-alpn-01)
- SAN certificate support
- [CNAME support](https://letsencrypt.org/2019/10/09/onboarding-your-customers-with-lets-encrypt-and-acme.html) by default
- [Custom challenge solvers](https://go-acme.github.io/lego/usage/library/writing-a-challenge-solver/)
- Certificate bundling
- OCSP helper function## Installation
How to [install](https://go-acme.github.io/lego/installation/).
## Usage
- as a [CLI](https://go-acme.github.io/lego/usage/cli)
- as a [library](https://go-acme.github.io/lego/usage/library)## Documentation
Documentation is hosted live at https://go-acme.github.io/lego/.
## DNS providers
Detailed documentation is available [here](https://go-acme.github.io/lego/dns).
Active24
Akamai EdgeDNS
Alibaba Cloud DNS
all-inklAmazon Lightsail
Amazon Route 53
ArvanCloud
Aurora DNSAutodns
Axelname
Azure (deprecated)
Azure DNSBaidu Cloud
Bindman
Bluecat
BookMyNameBrandit (deprecated)
Bunny
Checkdomain
CivoCloud.ru
CloudDNS
Cloudflare
ClouDNSCloudXNS (Deprecated)
ConoHa v2
ConoHa v3
ConstellixCore-Networks
CPanel/WHM
Derak Cloud
deSEC.ioDesignate DNSaaS for Openstack
Digital Ocean
DirectAdmin
DNS Made EasydnsHome.de
DNSimple
DNSPod (deprecated)
Domain Offensive (do.de)Domeneshop
DreamHost
Duck DNS
DynDynu
EasyDNS
Efficient IP
EpikExoscale
External program
F5 XC
freemyip.comG-Core
Gandi
Gandi Live DNS (v5)
GlesysGo Daddy
Google Cloud
Google Domains
HetznerHosting.de
Hosttech
HTTP request
http.netHuawei Cloud
Hurricane Electric DNS
HyperOne
IBM Cloud (SoftLayer)IIJ DNS Platform Service
Infoblox
Infomaniak
Internet Initiative Japaniwantmyname
Joker
Joohoi's ACME-DNS
LiaraLima-City
Linode (v4)
Liquid Web
LoopiaLuaDNS
Mail-in-a-Box
ManageEngine CloudDNS
ManualMetaname
Metaregistrar
mijn.host
Mittwaldmyaddr.{tools,dev,io}
MyDNS.jp
MythicBeasts
Name.comNamecheap
Namesilo
NearlyFreeSpeech.NET
NetcupNetlify
Nicmanager
NIFCloud
NjallaNodion
NS1
Open Telekom Cloud
Oracle CloudOVH
plesk.com
Porkbun
PowerDNSRackspace
Rain Yun/雨云
RcodeZero
reg.ruRegfish
RFC2136
RimuHosting
RU CENTERSakura Cloud
Scaleway
Selectel
Selectel v2SelfHost.(de|eu)
Servercow
Shellrent
Simply.comSonic
Spaceship
Stackpath
TechnitiumTencent Cloud DNS
Timeweb Cloud
TransIP
UKFast SafeDNSUltradns
Variomedia
VegaDNS
VercelVersio.[nl|eu|uk]
VinylDNS
VK Cloud
Volcano Engine/火山引擎Vscale
Vultr
Webnames
WebsupportWEDOS
West.cn/西部数码
Yandex 360
Yandex CloudIf your DNS provider is not supported, please open an [issue](https://github.com/go-acme/lego/issues/new?assignees=&labels=enhancement%2C+new-provider&template=new_dns_provider.md).