ACME v02 - Go client implementation


#1

Sorry if this post is not in the right category.

I’m trying to develop a client in Go for the Let’s Encrypt ACME v02 protocol.
I understand the general workflow of the protocol, but I am totally lost for the implementation.

I am using the acme package (this one). I don’t know what methods to use, and I even don’t know if the package supports the v02 of the protocol.

It says that it is a work in progress and makes no API stability promises, but I am not developping for a production use, just in developpment.

Thank you to the one or those who will take some time to enlighten me.


#2

Moved to client dev topic, but that’s about all the help I can give you on this one!


#3

Hi @iAmoric,

It does not presently. You may want to subscribe to this Github issue. There is a work-in-progress changeset out for review: https://go-review.googlesource.com/c/crypto/+/86635

I’m afraid I don’t have experience using x/crypto/acme myself to give you much immediate help. I believe the x/crypto/autocert package is a higher level ACME client of sorts that itself uses the x/crypto/acme library: https://godoc.org/golang.org/x/crypto/acme/autocert You might find studying its source code to be helpful in your quest (though, only for ACME v1 as of now). If you’re still struggling it might help to hear what you’ve tried and what you’re uncertain about.

Good luck!


#4

Both lego and eggsampler/acme provide Go implementations of ACME v2.

Both also provide example clients to demonstrate library usage.


#5

Thanks for your answer.
Do you know if lego supports wildcard certificates ? It support SAN certificates but there is no mention about wildcard certificates


#6

Both libraries “support” wildcard certificates insofar as they support ACME v2.

There’s not anything specific to wildcards in the ACME protocol (as far as clients are concerned), you just pass *.example.org as one of the identifiers in the ACME order.