./security/py-acme-tiny, Tiny script to issue and renew TLS certs from Lets Encrypt

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 4.0.4, Package name: py27-acme-tiny-4.0.4, Maintainer: khorben

This is a tiny, auditable script that you can throw on your server to issue and
renew Let's Encrypt certificates. Since it has to be run on your server and
have access to your private Let's Encrypt account key, I tried to make it as
tiny as possible (currently less than 200 lines). The only prerequisites are
python and openssl.


Required to run:
[lang/python27]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 7927fad282834cc9fc1a9b835ace93006125d4fb
RMD160: 927fa9509d6200dddbab29b2e58cf309e8434369
Filesize: 12.37 KB

Version history: (Expand)


CVS history: (Expand)


   2018-09-08 20:52:18 by Amitai Schleier | Files touched by this commit (3) | Package updated
Log message:
Update to 4.0.4. From the git log:

- Make regular expression accept a whitespace after CN.
- Don't fail on openssl 1.1 output
- Add documentation and support for Red Hat openssl directories
- fix parsing of new (?) openssl output format
- Fix broken Markdown headings
- FIX CN parsing to work with OpenSSL 1.1
- Make acme_tiny.py executable in index
- Minor tweak that makes deploying a tiny bit easier
- OpenSSL output seems to have changed another time.
- fixed changing error message
- fixed more error message case changes
- Fix typos
- switched to grabbing the agreement url from /directory, addresses #145, #148, \ 
#172, #189
- damn python3 bytes-to-strings encoding gets you again...
- added python 3.6 to test coverage
- update SSL config
- mostly working ACMEv2, except for letsencrypt/boulder#3367
- deprecated CA url in favor of using the direct certificate authority directory url
- added badNonce retries
- consolidated external commandline execution error handling to bring back under \ 
200 lines of code
- removed challenge payload that is no longer needed in new acme spec
- updated test coverage to ignore new setup.py file (setup install still gets \ 
tested via test_install.py)
- updated readme to note that ACME v2 certificate downloads now include the \ 
intermediate certificate
- added optional contact details
- fixed buffer to unicode decoding for tests
- cleaned up help and copyright text
- Readme: Only needs access to private account key
- added tiny user agent
- don't skip ValueError when urlopen(Request(nonvalid, ...))
   2018-03-10 18:18:42 by Amitai Schleier | Files touched by this commit (3) | Package updated
Log message:
Find the user agreement URL again, via upstream patch. Bump PKGREVISION.
   2017-02-14 01:38:56 by Pierre Pronchery | Files touched by this commit (4)
Log message:
Import acme-tiny's latest commit (versioned as 0.0.20170214)

This is a tiny, auditable script that you can throw on your server to issue and
renew Let's Encrypt certificates. Since it has to be run on your server and
have access to your private Let's Encrypt account key, I tried to make it as
tiny as possible (currently less than 200 lines). The only prerequisites are
python and openssl.

Tested successfully on NetBSD 7.0.2 (i386).

"please import!" wiz@