I had previously mentioned Agnos, the acme client I was writing to help obtain wildcard certificates in situations where the DNS provider does not offer an API. I had a very warm welcome and interesting and encouraging comments.
I've taken your feedback into account and the first beta release is now out, with an accompanying blog post!
Blog post: Let's Encrypt Wildcard Certificates Made Easy with Agnos | OCamlPro
GitHub: GitHub - krtab/agnos: Obtain (wildcard) certificates from let's encrypt using dns-01 without the need for API access to your DNS provider.
if I understand correctly, Agnos cannot generate the account keys itself?
You're correct. It's true that it could be a liked feature for some users. How would you expect it to be implemented ?
Does Agnos support ECDSA keys for the certificate? And account keys for that matter?
It seems not, mainly because I'm using a pre-existing acme2 library that has some hardcoded assumption about keys being RSA. Changing it would be possible but would require me to patch upstream.
It sounds necessary. RSA keys are mere steps away from being deprecated (no, not really -- but they do are legacy)
Thanks for the head-up, I'll work on it next time I focus on agnos.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.