Go to file

Richard Körber f2ae26b822 Make the example universal and CA neutral I like to avoid having different examples for different CAs or scenarios, as it takes unnecessary time to keep them in sync and updated. For this reason, I merged both examples back in a single example again, which now also handles EAB if necessary. I also used a generic example CA (example.org) so no CA is favored in the source code. The desired connection URI must now be configured first, in order to make the example run. The documentation was updated accordingly. Rationale is that I don't want the documentation to be cluttered with all possible CAs, so none of them is favored now.		2024-02-26 18:26:45 +01:00
.github	Enable sponsoring	2023-08-05 14:21:46 +02:00
acme4j-client	Add missing ssl.com unit tests	2024-02-26 18:26:45 +01:00
acme4j-example	Make the example universal and CA neutral	2024-02-26 18:26:45 +01:00
acme4j-it	Add integration tests for the CA providers	2024-02-26 18:26:45 +01:00
acme4j-smime	[maven-release-plugin] prepare for next development iteration	2023-11-15 07:06:11 +01:00
src/doc	Make the example universal and CA neutral	2024-02-26 18:26:45 +01:00
.gitignore	Remove IDE generated files	2019-03-16 16:42:22 +01:00
.gitlab-ci.yml	Fix mvn order in CI deploy stage	2020-06-02 14:10:36 +02:00
CONTRIBUTING.md	AI based code generators are not acceptable for contributions	2022-11-03 16:38:39 +01:00
LICENSE-APL.txt	Initial commit	2015-12-04 21:28:12 +01:00
README.md	Upgrade to draft-ietf-acme-ari-03	2024-02-19 07:44:40 +01:00
pom.xml	Fix unit tests	2023-11-19 21:33:21 +01:00

README.md

ACME Java Client

This is a Java client for the Automatic Certificate Management Environment (ACME) protocol as specified in RFC 8555.

ACME is a protocol that a certificate authority (CA) and an applicant can use to automate the process of verification and certificate issuance.

This Java client helps connecting to an ACME server, and performing all necessary steps to manage certificates.

It is an independent open source implementation that is not affiliated with or endorsed by Let's Encrypt.

Features

Mature and stable code base. First release was in December 2015!
Fully RFC 8555 compliant
Supports the http-01, dns-01, and tls-alpn-01 (RFC 8737) challenges
Supports RFC 8738 IP identifier validation
Supports RFC 8739 short-term automatic certificate renewal (experimental)
Supports RFC 8823 for S/MIME certificates (experimental)
Supports draft-ietf-acme-ari-03 for renewal information
Easy to use Java API
Requires JRE 11 or higher
Built with maven, packages available at Maven Central
Extensive unit and integration tests
Adheres to Semantic Versioning

If you require Java 8 or Android compatibility, you can use acme4j v2 instead. However, v2 is not actively developed anymore and will only receive security fixes.

Dependencies

Bouncy Castle
jose4j
slf4j
For acme4j-smime: Jakarta Mail, Bouncy Castle

Usage

See the online documentation about how to use acme4j.
For a quick start, have a look at the source code of an example.

Announcements

Follow our Mastodon feed for release notes and other acme4j related news.

Mastodon: @acme4j@foojay.social
RSS: https://foojay.social/@acme4j.rss

Contribute

Fork the Source code at GitHub. Feel free to send pull requests (see Contributing for the rules).
Found a bug? File a bug report!

License

acme4j is open source software. The source code is distributed under the terms of Apache License 2.0.

Donate

If you would like to support my work on acme4j, you can do so on at GitHub Sponsors or at Ko-Fi. Thank you!

Acknowledgements

I would like to thank Brian Campbell and all the other jose4j developers. acme4j would not exist without your excellent work.
Thanks to Daniel McCarney for his help with the ACME protocol, Pebble, and Boulder.
Ulrich Krause for his help to make acme4j run on IBM Java VMs.
I also like to thank everyone who contributed to acme4j.
The Mastodon account is hosted by foojay.io.