Simple Let’s Encrypt client.
simp_le --email you@example.com -f account_key.json \
-f fullchain.pem -f key.pem \
-d example.com -d www.example.com --default_root /var/www/html \
-d example.net:/var/www/other_htmlFor more info see simp_le --help.
- UNIX philosophy: Do one thing and do it well!
simp_le --valid_min ${seconds?} -f cert.pemimplies thatcert.pemis valid for at at leastvalid_min. Register new ACME CA account if necessary. Issue new certificate if no previous key/certificate/chain found. Renew only if necessary.- (Sophisticated) “manager” for
${webroot?}/.well-known/acme-challengeonly. No challenges other thanhttp-01. Existing web-server must be running already. - No magical webserver auto-configuration.
- Owner of
${webroot?}/.well-known/acme-challengemust be able to run the script, without privilege escalation (sudo,root, etc.). crontabfriendly: fully automatable - no prompts, etc.- No configuration files. CLI flags as the sole interface! Users should write their own wrapper scripts or use shell aliases if necessary.
- Support multiple domains with multiple roots. Always create single
SAN certificate per
simp_lerun. - Flexible storage capabilities. Built-in
simp_le -f fullchain.pem -f key.pem,simp_le -f chain.pem -f cert.pem -f key.pem, etc. Extensions throughsimp_le -f external.sh. - Do not allow specifying output file paths. Users should symlink if necessary!
- No need to allow specifying an arbitrary command when renewal has
happened, just check the exit code:
0if certificate data was created or updated;1if renewal not necessary;2in case of errors.
--server(support multiple CAs).- Support for revocation.
sudo ./bootstrap.sh
./venv.sh
export PATH=$PWD/venv/bin:$PATHHave a look into ./examples/ and
https://github.com/kuba/simp_le/wiki/Examples.
If you’re having problems you can chat with us on IRC (#simp_le at Freenode)