ACMESharp
ACMESharp copied to clipboard
ebekker
ACMEv2
First I wanted to say great work! I could set up and automate let's encrypt in no time at all.
I was curious to know if you intended to support the incoming ACMEv2 protocol (including wildcard certificates), and mostly if you expect the syntax of ACMESharp to be backward compatible, ie a script written today will not need to be redesigned in a year?
Yes, I intend to add support for ACMEv2, but I haven't looked into it yet. Until I look at the details of the changes in the protocol formats or semantics, it's hard to say if there will be any breaking changes to the ACMESharp client library or the POSH module.
But if possible, I'll try to preserve backward-compatibility.
@GustavoAmerico Wildcard Support has been postponed by LetsEncrypt (see here) ... so its more up to letsencrypt to support that... then such libs like ACMESharp can pick it up.
Thanks for the message, I'm looking forward to the update, I hope they do not encounter problems in the implementation TLS-SNI-03 validation
Thanks for the great work guys 👏👏 Letsencrypt just announced wildcard support. When can we expect it on ACMEsharp? I'm using Win-ACME which depends on ACMESharp.
Hi @ebekker ,
thanks for your work. I really appreciate your work so far. Do you have any update on this matter?
Any more updates on when ACMEsharp will support wild card certs? Lets Encrypt went live with it already.
The last issues which where handled are from October 2017, considering the fact that this is now 6 months ago (a half year) I think this project is death. It was a very great one as it offered an powershell api we could use on Windows like the unix guys could do on there environment since ages... I personally think its time to check other options...
I have implemented one a month ago and I am considering sharing it on GH. However it uses Azure Key Vault in its current implementation so it’s not as generał purpose as ACMESharp, but it is much more secure, because private key never leaves the Vault during enrollment...
In generał I do not intend to create a competitive project... but ACMEv2 is so simple it was easier to write a new project from scratch than to improve this one....
@AndreiPukrov I don't think the project is dead. Just that the original dev @ebekker I'm guessing is busy, he has stated he intends on adding support and there is a project open for it.
NB: I really am guessing, I don't know anything or even @ebekker :-)
Are there any plans to have v2 support for the existing .net library? I am using that library at the moment and it works great, but I would like wildcard support to work, but if there won't be any support for that in the old library, do we need to port our code to work with .net core?
Sorry, yes ACME v2 support is complete over in this library.
I don't currently have any plans to back port it, as the newer library is structured better. Are you interested in the library (.NET assembly) or in the PowerShell module?
Hello ! I'm interesting in the PowerShell module. Will it be available with your ACME-Sharp Core project?
Well this is extremely annoying. They just deprecated the ACME v1 API for staging, and it is going away in production in November. Unfortunately while the new ACMESharpCore library supports the v2 protocol, the API is completely different so my code needs to be completely re-written.
How much work would be involved in updating this library and it's existing API's to support the v2 protocol, so those who invested time writing code to the older API's can avoid a complete re-write before November?
Well this is extremely annoying. They just deprecated the ACME v1 API for staging, and it is going away in production in November. Unfortunately while the new ACMESharpCore library supports the v2 protocol, the API is completely different so my code needs to be completely re-written.
How much work would be involved in updating this library and it's existing API's to support the v2 protocol, so those who invested time writing code to the older API's can avoid a complete re-write before November?
A very similar module can be found here: https://github.com/rmbolger/Posh-ACME maybe it could be useful for you? I used it to adapt my existing code and it was quite simple to use :)
Well as has been pointed out when I asked the ACME folks, the v1 and v2 protocols are quite different so its going to be a re-write no matter what. But I just finished the re-write and it is working nicely now. I ended up using a simpler library called Certes this time around.
Hi. I didn't know about the coming change from ACME v1 to ACME v2 until I saw the following error in the log recently: Error creating new authz :: Validations for new domains are disabled in the V1 API
I have an old code that wasn't written by me that uses ACMECSharp.dll for Authorize and SetSertificate. Now I downloaded both Certes and ACMECSharpCore, but the concept in both is completely different and I don't know where to start from. I need only 2 actions: Authorize (with Challenge, .well-known and all that stuff) and SetSertificate (create PFX file). Is there any documentation / code examples of any of the clients - Certes and ACMECSharpCore? Both have different Unit Test examples, but they don't help so far.
