Can I use certbot in a flask app?


#1

I want to create a simple flask app where I could then make calls via a website.

Would it make sense to import the certbot library from within flask or is that not possible?

Or are my real options:

  1. use acme and write the code myself
  2. make shell calls from within a web app that call certbot directly?

#2

Hi @whateverssl,

You can certainly use Certbot’s lower level acme package/library from within Flask: https://letsencrypt.readthedocs.io/projects/acme/en/stable/index.html That’s a middle option between making shell calls to the Certbot binary or having to read/implement the ACME draft-rfc yourself from scratch.

That module doesn’t provide as high-level of an experience as using Certbot and (personally anyway) I find it can be a little tricky to understand from the docs alone. Boulder (the Let’s Encrypt server-side CA software) has two small test clients that use the acme module that can be useful references to read through alongside the module docs:

Hope that helps!


#3

Could I use certbot’s internal API from within flask?
I’m not a python guru but would it be possible use certbot as a library from within a flask app?


#4

Specifically I want to be able to list all the certificates and get info like expiration would is what the cert_manager.py method certificates does.

Could this method be called from within flask somehow?


#5

I don’t believe you can use the certbot internals like this. The acme module is lower level and assumes you will keep track of the certificates yourself and doesn’t offer you access to Certbot certificates.

Unfortunately I’m not an experienced Python developer or a Certbot developer. Maybe someone more versed in either of those subjects will be able to offer further advice. Given the two options on the table in your shoes I would probably accept the burden of having to manage more of the certificate lifecycle/storage with my own code & the acme module rather than shell out to Certbot from a web application.


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.