./security/py-acme-tiny, Tiny script to issue and renew TLS certs from Lets Encrypt

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 4.1.0nb1, Package name: py37-acme-tiny-4.1.0nb1, Maintainer: khorben

This is a tiny, auditable script that you can throw on your server to issue and
renew Let's Encrypt certificates. Since it has to be run on your server and
have access to your private Let's Encrypt account key, I tried to make it as
tiny as possible (currently less than 200 lines). The only prerequisites are
python and openssl.


Required to run:
[security/openssl] [lang/python37]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: e814cfc62aa7a3f32d3796127405a560ed64084c
RMD160: f4b2fe55d4c989a4b284a0fe388a772f1517e4ee
Filesize: 12.477 KB

Version history: (Expand)


CVS history: (Expand)


   2020-01-18 22:51:16 by Jonathan Perkin | Files touched by this commit (1836)
Log message:
*: Recursive revision bump for openssl 1.1.1.
   2019-11-04 22:13:04 by Roland Illig | Files touched by this commit (118)
Log message:
security: align variable assignments

pkglint -Wall -F --only aligned --only indent -r

No manual corrections.
   2019-07-22 03:36:14 by Amitai Schleier | Files touched by this commit (2) | Package updated
Log message:
Update to 4.1.0. From the git log:

- apparently the Let's Encrypt test server is rejecting example.com emails
- added official python 3.7 support in setup.py
- fixed #226, start using POST-as-GET for GET requests
- fixed additional POST-as-GET
- addresses #205, a situation where polling may hang indefinitely
- Also accept critical SAN extensions.
- fixed #222, we shouldn't delete the challenge files on errors, but we
  should clean them up on success
   2018-09-08 20:52:18 by Amitai Schleier | Files touched by this commit (3) | Package updated
Log message:
Update to 4.0.4. From the git log:

- Make regular expression accept a whitespace after CN.
- Don't fail on openssl 1.1 output
- Add documentation and support for Red Hat openssl directories
- fix parsing of new (?) openssl output format
- Fix broken Markdown headings
- FIX CN parsing to work with OpenSSL 1.1
- Make acme_tiny.py executable in index
- Minor tweak that makes deploying a tiny bit easier
- OpenSSL output seems to have changed another time.
- fixed changing error message
- fixed more error message case changes
- Fix typos
- switched to grabbing the agreement url from /directory, addresses #145, #148, \ 
#172, #189
- damn python3 bytes-to-strings encoding gets you again...
- added python 3.6 to test coverage
- update SSL config
- mostly working ACMEv2, except for letsencrypt/boulder#3367
- deprecated CA url in favor of using the direct certificate authority directory url
- added badNonce retries
- consolidated external commandline execution error handling to bring back under \ 
200 lines of code
- removed challenge payload that is no longer needed in new acme spec
- updated test coverage to ignore new setup.py file (setup install still gets \ 
tested via test_install.py)
- updated readme to note that ACME v2 certificate downloads now include the \ 
intermediate certificate
- added optional contact details
- fixed buffer to unicode decoding for tests
- cleaned up help and copyright text
- Readme: Only needs access to private account key
- added tiny user agent
- don't skip ValueError when urlopen(Request(nonvalid, ...))
   2018-03-10 18:18:42 by Amitai Schleier | Files touched by this commit (3) | Package updated
Log message:
Find the user agreement URL again, via upstream patch. Bump PKGREVISION.
   2017-02-14 01:38:56 by Pierre Pronchery | Files touched by this commit (4)
Log message:
Import acme-tiny's latest commit (versioned as 0.0.20170214)

This is a tiny, auditable script that you can throw on your server to issue and
renew Let's Encrypt certificates. Since it has to be run on your server and
have access to your private Let's Encrypt account key, I tried to make it as
tiny as possible (currently less than 200 lines). The only prerequisites are
python and openssl.

Tested successfully on NetBSD 7.0.2 (i386).

"please import!" wiz@