Just to let people know, I implemented a client for ACME v2 for .NET projects.
This is a single file with a dependency only on JSON.Net.
Always great to see a simple example for the API, I’m starting to look at what changes we need to make for
Certify SSL Manager: https://certifytheweb and the temptation to write our own bits instead of using a library can be quite strong! DNS challenges are an interesting one, because there are so many DNS API’s people could potentially be using.
Just to clarify, this does not handle any actual DNS update, so the client is entirely agnostic to this. I explicitly marked that as not related to the responsibilities of the client, precisely for the reasons you mentioned.
I know you prefer to implement your own client but have you also seen the certes implementation? https://github.com/fszlin/certes/ - I think that’s one to watch based on the relatively straightforward and thorough implementation.
Thanks for sharing!
I will definitely look into it how you used some system functions better. I’m not a C# dev and haven’t that much of experience with it.
In my PowerShell implementation I had to use a lot of the old COM api, wrote parts of an ASN.1 encoder and even had to call a C function (from the old crypt32.dll). Would be great to replace some of it.
@webprofusion When I started writing it, Certes didn’t support it
However, we used to use Certes, but we moved to our own because we needed really fine grained control over the certificate generation. It also simplify dependency management somewhat.