Really basic question....

1,737 views
Skip to first unread message

Bear Giles

unread,
Jun 14, 2016, 12:59:05 PM6/14/16
to Let's Encrypt Client Development
Hi, I have a really basic question that is proving to be difficult to answer. (Read: maybe something to add to the documentation. :-)

I'm considering a proof-of-concept demo in an enterprise environment and python isn't an option. I've been trying to determine if the python clients are a front-end to REST calls, and if so what the API is, but getting nowhere. A search of this group looks like some people have asked this before but not gotten a clear answer.

I found this on one of your pages: https://ietf-wg-acme.github.io/acme/ but I don't know how closely you adhere to it or the magic values to put into various places.

Is this information collected somewhere? Or is my option to read the python code and hope my python skills are adequate to the task? It would also be easy to overlook something important like a flag I could set to indicate that it's development work and the certs should not "go live".

Thanks,

Bear

J.C. Jones

unread,
Jun 15, 2016, 10:29:07 AM6/15/16
to Bear Giles, Let's Encrypt Client Development
Hi Bear,

When Let’s Encrypt launched, it did so with a reference client, written in Python, that demonstrated one vision of how to automate certificates; that client is now called CertBot. In the months since launch, the community has developed many more clients in order to satisfy their specific needs, some even built into appliances. There is a community-managed wiki of known clients at the CertBot project. Many of these are written in languages other than Python, so I would encourage you to take a look to see if one meets your needs.

There is also a fair amount of community commentary on many clients located at https://community.letsencrypt.org/ ; just search the forum by the client's name, and you will likely find some information.

All of these clients implement the ACME draft specification, which you've linked to -- Let's Encrypt implements that draft specification as well, so if you construct your own client, you should be able to start with the one bit of magic, the directory URI: https://acme-v01.api.letsencrypt.org/directory

Hope that helps,
J.C.



--
You received this message because you are subscribed to the Google Groups "Let's Encrypt Client Development" group.
To unsubscribe from this group and stop receiving emails from it, send an email to client-dev+...@letsencrypt.org.
To post to this group, send email to clien...@letsencrypt.org.
To view this discussion on the web visit https://groups.google.com/a/letsencrypt.org/d/msgid/client-dev/214deb6f-cd6b-4cfc-a93d-63a8af8b1dba%40letsencrypt.org.

Peter Eckersley

unread,
Jun 16, 2016, 2:59:39 PM6/16/16
to J.C. Jones, Bear Giles, Let's Encrypt Client Development
There's also now a client list here:

https://letsencrypt.org/docs/client-options/

To view this discussion on the web visit https://groups.google.com/a/letsencrypt.org/d/msgid/client-dev/CADEAg9THit6omm8Rz%2BJfSxqZuNt8dgdqDywYz1n6Z%2BKcE9AouA%40mail.gmail.com.



--
Peter
Reply all
Reply to author
Forward
0 new messages