NAME¶

acme-tiny - letsencrypt tiny python client

SYNOPSIS¶

acme-tiny [-h] --account-key ACCOUNT_KEY --csr CSR --acme-dir ACME_DIR [--quiet] [--disable-check] [--directory-url DIRECTORY_URL] [--contact [CONTACT [CONTACT ...]]]

DESCRIPTION¶

This script automates the process of getting a signed TLS certificate from Let's Encrypt using the ACME protocol. It will need to be run on your server and have access to your private account key, so PLEASE READ THROUGH IT! It's only ~200 lines, so it won't take long.

OPTIONS¶

-h, --help

Show summary of options

--account-key ACCOUNT_KEY

Path to your Let's Encrypt account private key

--csr CSR

Path to your certificate signing request

--acme-dir ACME_DIR

Path to the .well-known/acme-challenge/ directory

--quiet

Suppress output except for errors

--disable-check

Disable checking if the challenge file is hosted correctly before telling the CA

--directory-url DIRECTORY_URL

Certificate authority directory url, default is Let's Encrypt

--contact [CONTACT [CONTACT ...]]

Contact details (e.g. mailto:aaa@bbb.com) for your account-key

EXAMPLES¶

acme-tiny --account-key ./account.key --csr ./domain.csr --acme-dir /usr/share/nginx/html/.well-known/acme-challenge/ > signed_chain.crt

EXAMPLE CRONTAB RENEWAL¶

0 0 1 * * acme_tiny --account-key /path/to/account.key --csr /path/to/domain.csr --acme-dir /usr/share/nginx/html/.well-known/acme-challenge/ > /path/to/signed_chain.crt 2>> /var/log/acme_tiny.log

SEE ALSO¶

openssl(1), https://letsencrypt.org/, https://github.com/diafygi/acme-tiny#acme-tiny.