Announcing uacme, a lightweight ACMEv2 client written in C


uacme is an open source, lightweight ACMEv2 client, written in plain C with minimal dependencies. I just released version 1.0 at the following address

An html version of the man page is available

I believe at this time uacme is the only ACMEv2 compatible client written in plain C. The only dependencies are libcurl and gnutls.


it’s small enough for use in Openwrt(80k), but not guntls is quite big in router world (additional 600kB from installing gnutls) Could you add version that use libmbedtls?


It is feasible. Give me some time and I’ll see what I can do.


As you requested I’ve added support for mbedTLS as an alternative to GnuTLS. You can switch at configure stage:

./configure --with-mbedtls

Note, you will probably need to also recompile libcurl with mbedTLS support, otherwise it may pull OpenSSL or GnuTLS.

Let me know if it works for you.


Nearly a week ago I submitted a pull request to get this listed at but so far it has not been even reviewed yet. Is there anything I didn’t do right in the pull request?

I guess it’s a good question who is responsible for reviewing these. @jple, do you know who can review and update these? Over at

I see six pending pull requests related to the list of ACME clients (of which @ndilieto’s is the most recent).

I got a request to add support for building with OpenSSL, which I added to the master branch with commit 656b6e53. I’d appreciate any third party testing before I make a proper release.

BTW, the pull request on the Let’s Encrypt client page is stil pending…

Manpage link updated to
Also added including getting started instructions

1 Like

A user requested ECC key/certificate support which I’ve just committed in the github repo. For more info see

As usual I’d appreciate third party testing before releasing it properly.


New version 1.0.11 available with support for ACME account key rollover:

1 Like

As I have no time to do this myself, I am looking for volunteers who would like to contribute hook scripts to integrate UACME .with any DNS API providers. I’ll add quality scripts to the official distribution.

1 Like

This is now being packaged for OpenWRT.

you can’t easily fit and use it in a 8MB flash router if it’s not included in the squashfs partition
the dependencies for acme are

114K ca-bundle_20190110-1_all.ipk
48K curl_7.65.0-1_x86_64.ipk
127K libcurl4_7.65.0-1_x86_64.ipk
1.5M libopenssl1.1_1.1.1c-1_x86_64.ipk
181K libmbedtls12_2.16.1-1_x86_64.ipk
4.8K libopenssl-conf_1.1.1c-1_x86_64.ipk
259K openssl-util_1.1.1c-1_x86_64.ipk

and uacme

114K ca-bundle_20190110-1_all.ipk
127K libcurl4_7.65.0-1_x86_64.ipk
181K libmbedtls12_2.16.1-1_x86_64.ipk

and ~25K for the uacme itself


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.