mirrors/acme4j
1
0
Fork 0
mirror of https://github.com/shred/acme4j.git synced 2025-12-16 11:24:01 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
908da9697d0a8bc8d0b5e7a827a81773a042893d
acme4j/src/doc/docs/index.md
Richard Körber 908da9697d tls-alpn-01 and IP identifier extension got RFC numbers
2020-03-06 00:32:45 +01:00

4.5 KiB
Raw Blame History

acme4j

A Java client for the Automatic Certificate Management Environment (ACME) protocol as specified in RFC 8555.

ACME is a protocol that a certificate authority (CA) and an applicant can use to automate the process of verification and certificate issuance.

This Java client helps connecting to an ACME server, and performing all necessary steps to manage certificates.

It is an independent open source implementation that is not affiliated with or endorsed by Let's Encrypt.

The source code can be found at GitHub and is distributed under the terms of Apache License 2.0.

Latest version: maven central

Features

  • Fully RFC 8555 compliant
  • Supports the http-01, dns-01, and tls-alpn-01 (RFC 8737) challenges
  • Also supports RFC 8738 IP identifier validation
  • Supports the acme-star draft for short-term automatic certificate renewal (experimental)
  • Easy to use Java API
  • Requires JRE 8 (update 101) or higher
  • Built with maven, packages available at Maven Central
  • Requires jose4j, Bouncy Castle and slf4j as dependencies. If you have other means of generating key pairs and CSRs, you can even do without acme4j-utils and Bouncy Castle as dependency.
  • Extensive unit and integration tests

Quick Start

This source code gives an example of how to get a TLS certificate with acme4j.

You can run the org.shredzone.acme4j.ClientTest class in your IDE, with the domains to be registered as parameters. The test client can also be invoked via maven in a command line:

mvn exec:java -Dexec.args="example.com example.org"

By default, the test client registers the domains with the Let's Encrypt staging server via HTTP challenge.

Modules

acme4j consists of five modules. All modules are available at Maven Central and can easily be added to the dependency list of your project. You can also download the jar files at GitHub.

acme4j-client
acme4j-client is the main module. It contains everything that is required to get certificates for domains. It only requires jose4j and slf4j.

The Java module name is org.shredzone.acme4j.

acme4j-utils
acme4j-utils contains utility classes for creating key pairs, CSRs, and certificates. It requires Bouncy Castle though.

The Java module name is org.shredzone.acme4j.utils.

acme4j-example
This module only contains an example code that demonstrates how to get a certificate with acme4j. It depends on acme4j-client and acme4j-utils. It is not useful as a dependency in other projects.
acme4j-it
acme4j-it mainly serves as integration test suite for acme4j itself. It is not really useful as a dependency in other projects. However if you write own integration tests using pebble and pebble-challtestsrv, you may find the challtestsrv configuration client useful in your project.

The Java module name is org.shredzone.acme4j.it.

Contribute

License

acme4j is open source software. The source code is distributed under the terms of Apache License 2.0.