https://go-acme.github.io/lego/

Let's Encrypt/ACME client and library written in Go
https://go-acme.github.io/lego/

acme acme-client certificate dns letsencrypt rfc8555 rfc8737 rfc8738 security tls

Last synced: about 1 year ago
JSON representation

Let's Encrypt/ACME client and library written in Go

• Host: GitHub
• URL: https://go-acme.github.io/lego/
• Owner: go-acme
• License: mit
• Created: 2015-06-08T00:36:41.000Z (almost 11 years ago)
• Default Branch: master
• Last Pushed: 2025-04-16T15:01:06.000Z (about 1 year ago)
• Last Synced: 2025-04-22T10:12:00.315Z (about 1 year ago)
• Topics: acme, acme-client, certificate, dns, letsencrypt, rfc8555, rfc8737, rfc8738, security, tls
• Language: Go
• Homepage: https://go-acme.github.io/lego/
• Size: 18.8 MB
• Stars: 8,446
• Watchers: 95
• Forks: 1,060
• Open Issues: 156
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-go - go-acme.github.io/lego

README

          


  

  
Automatic Certificates and HTTPS for everyone.



# Lego

Let's Encrypt client and ACME library written in Go.

[![Go Reference](https://pkg.go.dev/badge/github.com/go-acme/lego/v4.svg)](https://pkg.go.dev/github.com/go-acme/lego/v4)

[![Build Status](https://github.com//go-acme/lego/workflows/Main/badge.svg?branch=master)](https://github.com//go-acme/lego/actions)

[![Docker Pulls](https://img.shields.io/docker/pulls/goacme/lego.svg)](https://hub.docker.com/r/goacme/lego/)

## Features

- ACME v2 [RFC 8555](https://www.rfc-editor.org/rfc/rfc8555.html)

  - Support [RFC 8737](https://www.rfc-editor.org/rfc/rfc8737.html): TLS Application‑Layer Protocol Negotiation (ALPN) Challenge Extension

  - Support [RFC 8738](https://www.rfc-editor.org/rfc/rfc8738.html): certificates for IP addresses

  - Support [draft-ietf-acme-ari-03](https://datatracker.ietf.org/doc/draft-ietf-acme-ari/): Renewal Information (ARI) Extension

  - Support [draft-aaron-acme-profiles-00](https://datatracker.ietf.org/doc/draft-aaron-acme-profiles/): Profiles Extension

- Comes with about [150 DNS providers](https://go-acme.github.io/lego/dns)

- Register with CA

- Obtain certificates, both from scratch or with an existing CSR

- Renew certificates

- Revoke certificates

- Robust implementation of ACME challenges:

  - HTTP (http-01)

  - DNS (dns-01)

  - TLS (tls-alpn-01)

- SAN certificate support

- [CNAME support](https://letsencrypt.org/2019/10/09/onboarding-your-customers-with-lets-encrypt-and-acme.html) by default

- [Custom challenge solvers](https://go-acme.github.io/lego/usage/library/writing-a-challenge-solver/)

- Certificate bundling

- OCSP helper function

## Installation

How to [install](https://go-acme.github.io/lego/installation/).

## Usage

- as a [CLI](https://go-acme.github.io/lego/usage/cli)

- as a [library](https://go-acme.github.io/lego/usage/library)

## Documentation

Documentation is hosted live at https://go-acme.github.io/lego/.

## DNS providers

Detailed documentation is available [here](https://go-acme.github.io/lego/dns).

  Active24

  Akamai EdgeDNS

  Alibaba Cloud DNS

  all-inkl

  Amazon Lightsail

  Amazon Route 53

  ArvanCloud

  Aurora DNS

  Autodns

  Axelname

  Azure (deprecated)

  Azure DNS

  Baidu Cloud

  Bindman

  Bluecat

  BookMyName

  Brandit (deprecated)

  Bunny

  Checkdomain

  Civo

  Cloud.ru

  CloudDNS

  Cloudflare

  ClouDNS

  CloudXNS (Deprecated)

  ConoHa

  Constellix

  Core-Networks

  CPanel/WHM

  Derak Cloud

  deSEC.io

  Designate DNSaaS for Openstack

  Digital Ocean

  DirectAdmin

  DNS Made Easy

  dnsHome.de

  DNSimple

  DNSPod (deprecated)

  Domain Offensive (do.de)

  Domeneshop

  DreamHost

  Duck DNS

  Dyn

  Dynu

  EasyDNS

  Efficient IP

  Epik

  Exoscale

  External program

  F5 XC

  freemyip.com

  G-Core

  Gandi

  Gandi Live DNS (v5)

  Glesys

  Go Daddy

  Google Cloud

  Google Domains

  Hetzner

  Hosting.de

  Hosttech

  HTTP request

  http.net

  Huawei Cloud

  Hurricane Electric DNS

  HyperOne

  IBM Cloud (SoftLayer)

  IIJ DNS Platform Service

  Infoblox

  Infomaniak

  Internet Initiative Japan

  Internet.bs

  INWX

  Ionos

  IPv64

  iwantmyname

  Joker

  Joohoi's ACME-DNS

  Liara

  Lima-City

  Linode (v4)

  Liquid Web

  Loopia

  LuaDNS

  Mail-in-a-Box

  ManageEngine CloudDNS

  Manual

  Metaname

  Metaregistrar

  mijn.host

  Mittwald

  myaddr.{tools,dev,io}

  MyDNS.jp

  MythicBeasts

  Name.com

  Namecheap

  Namesilo

  NearlyFreeSpeech.NET

  Netcup

  Netlify

  Nicmanager

  NIFCloud

  Njalla

  Nodion

  NS1

  Open Telekom Cloud

  Oracle Cloud

  OVH

  plesk.com

  Porkbun

  PowerDNS

  Rackspace

  Rain Yun/雨云

  RcodeZero

  reg.ru

  Regfish

  RFC2136

  RimuHosting

  Sakura Cloud

  Scaleway

  Selectel

  Selectel v2

  SelfHost.(de|eu)

  Servercow

  Shellrent

  Simply.com

  Sonic

  Spaceship

  Stackpath

  Technitium

  Tencent Cloud DNS

  Timeweb Cloud

  TransIP

  UKFast SafeDNS

  Ultradns

  Variomedia

  VegaDNS

  Vercel

  Versio.[nl|eu|uk]

  VinylDNS

  VK Cloud

  Volcano Engine/火山引擎

  Vscale

  Vultr

  Webnames

  Websupport

  WEDOS

  West.cn/西部数码

  Yandex 360

  Yandex Cloud

  Yandex PDD

  Zone.ee

  Zonomi

  

  

  

If your DNS provider is not supported, please open an [issue](https://github.com/go-acme/lego/issues/new?assignees=&labels=enhancement%2C+new-provider&template=new_dns_provider.md).