https://github.com/letsencrypt/ceremony-demos
Demo files demonstrating what the new hierarchy we generate in 2024 will look like.
https://github.com/letsencrypt/ceremony-demos
Last synced: 10 months ago
JSON representation
Demo files demonstrating what the new hierarchy we generate in 2024 will look like.
- Host: GitHub
- URL: https://github.com/letsencrypt/ceremony-demos
- Owner: letsencrypt
- Created: 2020-08-13T20:52:10.000Z (over 5 years ago)
- Default Branch: main
- Last Pushed: 2023-12-05T19:52:02.000Z (about 2 years ago)
- Last Synced: 2025-04-14T01:13:32.248Z (10 months ago)
- Language: Shell
- Homepage:
- Size: 198 KB
- Stars: 20
- Watchers: 6
- Forks: 5
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Let's Encrypt Key Ceremony Demos
This directory contains example config files that simulate certificate profiles
used by Let's Encrypt for various key ceremonies in detail. The primary goal is
to gather feedback prior to upcoming key ceremonies. The repository will also
serve as a historical marker of past ceremonies detailing the evolution of the
[Let's Encrypt chain of trust](https://letsencrypt.org/certificates/).
To see generated certificate output for the upcoming ceremony without needing to run this tooling, see the [outputs](./outputs/) folder.
To try it out:
- Install the [`ceremony`](https://github.com/letsencrypt/boulder/blob/main/cmd/ceremony/README.md) tool in your `$PATH`.
```sh
go install https://github.com/letsencrypt/boulder/cmd/ceremony
```
- Install [SoftHSMv2](https://github.com/opendnssec/SoftHSMv2).
```sh
sudo apt install softhsm2
```
- Update the YAML files, if necessary, to reflect that path to your SoftHSMv2
install.
- Execute the demo ceremony.
```sh
./reset.sh && ./run-all.sh
```
- If you're working on a specific branch of boulder making changes to the `ceremony` tool and need to test an uncoming ceremony:
```sh
export CEREMONY_BIN=/path/to/active/development/boulder/bin/ceremony
./run.sh
```