Comments (11)
manuale as its name suggests...
I use this shell function as a background job: https://github.com/szepeviktor/debian-server-tools/blob/master/security/cert-update-manuale-CN.sh#L31-L49
from manuale.
You may do something similar with your API-based DNS update.
from manuale.
Yes, I already have tooling to do the DNS update, but right now I need something that parses the manuale output and tells it to continue after the DNS change is live. Just want to cleanly split it up.
from manuale.
@szepeviktor since upstream seems to have stopped making any changes, interested in forking this fully?
from manuale.
I am content with the current state of manuale.
from manuale.
Hey,
As you might gather from the project name, I'm surprised to see that people are using this for automated issuance at all. My intention was to create an easy, guided interface for a real person who wants to do things by hand and/or is issuing a single one-off certificate. The only reason authorize and issue are separate commands at all is that a long time ago there wasn't a method to detect an existing authorization for a domain, and authorizations lived longer than certificates. Now that this isn't the case, I've been thinking of rolling the commands into one.
I'm not completely opposed to this idea, but you may be better served by another client designed for the purpose or a custom fork. For example, acme.sh has built-in DNS provider integrations and lets you drop in your own DNS authorization script if needed. Maybe once I get around to doing an ACMEv2 overhaul there could be a single high level guided issuance command and lower level commands for working with authorizations and orders that could be used in automated scripts.
from manuale.
Where I think it's also going to be more relevant is cases that request multiple validations (ACME-08 has renamed them from challenges) be completed, and upcoming validations like ip-01
.
As for other clients, I tried many of them before winding up Manuale. My usage case is not fully automated, but just semi-automated by wrapping Manuale, to authorize & issue via DNS, then securely ship the key+cert to new hosts (they don't even exist yet when the issuance is done).
I'd agree with having a high-level command that does authorize & issue together, which really wraps around lower-level commands (and are also exposed).
Manuale is the closest there is to a good competing Python Library other than Certbot's ACME module. Many others either just wrap certbot's ACME, or provide a minimal implementation.
from manuale.
I am open to a PR :)
from manuale.
https://github.com/schors/perkele/ perkeLE is a fork of ManuaLE
New in perkeLE Support for HTTP validation. (In fact, that's the only validation method supported).
Authorization is separate from certificate issuance. Authorizations last for months on Let's Encrypt: there's no need to waste time validating the domain every time you renew the certificate.
New in perkeLE The authorization can be divided into two parts - get authorization, and check validation. You can distribute verification files manualy.
from manuale.
I like the name!
from manuale.
@f-andrey why was DNS validation dropped?
from manuale.
Related Issues (20)
- How to renew authorisation? HOT 2
- Cert naming HOT 6
- Support authorization deactivation HOT 2
- ECC certs support HOT 3
- Using a CSR without the private key
- Support must-staple extension in CSR
- Display authorization time HOT 2
- Renew
- "issue" usage is incorrect HOT 3
- random certs deauthorzied and can not be renewed HOT 15
- env/bin/python setup.py install fails on OpenBSD 6.1 HOT 2
- Issue should require CSR XOR domain(s)
- Challenge support: tls-sni-01 HOT 1
- Challenge support: tls-sni-02
- Challenge support: ip-01
- ACME v2 support HOT 5
- Python 3.5 deprication notice HOT 5
- 'utf-8' codec can't decode byte 0xc5
- How can I renew certificates ? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from manuale.