Let's Encrypt/ACME client and library written in Go
b668bde5e4
The current implementation of the DNS challenge does not allow to set multiple TXT records at once. As PowerDNS has the concept of record sets, and so all records for the same type and name must set during one call, we would override existing records. To avoid this, we merge the new TXT record with existing ones |
||
---|---|---|
acme | ||
certcrypto | ||
certificate | ||
challenge | ||
cmd | ||
docs | ||
e2e | ||
internal | ||
lego | ||
log | ||
platform | ||
providers | ||
registration | ||
vendor | ||
.dockerignore | ||
.gitcookies.enc | ||
.gitignore | ||
.golangci.toml | ||
.goreleaser.yml | ||
.travis.yml | ||
CHANGELOG.md | ||
CONTRIBUTING.md | ||
Dockerfile | ||
Gopkg.lock | ||
Gopkg.toml | ||
LICENSE | ||
Makefile | ||
README.md |
lego
Let's Encrypt client and ACME library written in Go.
Features
- Register with CA
- Obtain certificates, both from scratch or with an existing CSR
- Renew certificates
- Revoke certificates
- Robust implementation of all ACME challenges
- HTTP (http-01)
- DNS (dns-01)
- TLS (tls-alpn-01)
- SAN certificate support
- Comes with multiple optional DNS providers
- Custom challenge solvers
- Certificate bundling
- OCSP helper function
lego introduced support for ACME v2 in v1.0.0. If you still need to utilize ACME v1, you can do so by using the v0.5.0 version.
Installation
How to install.
Usage
Documentation
Documentation is hosted live at https://go-acme.github.io/lego/.
DNS providers
Detailed documentation is available here.