List of Client Implementations - Add client


#1

Continuing the discussion from List of Client Implementations:

As I cannot reply there any more (do not ask me why), please add the following client by @serverco:

https://github.com/srvrco/getssl - Bash

CC: @jcjones


#2

thanks @rugk loving all the bash related client implementations… something i can follow :smiley:


#3

Added it; I’m guessing the whole Documentation category may be locked from most posters? Anyway, sorry for the (holiday) delay.


#4

@jcjones
This is a (~350 line) Python script based on acme-tiny (~200 line): letsacme
It simplifies getting certificate for shared servers/hosting while supporting the acme-tiny options too and includes some other additional features.

Can you add it too…


#5

I’ll add it, but just FYI, since you don’t have issues enabled on your repo: Please be cautious advising folks to only renew at 00:00 on the 1st of each month. It’s dangerous to prompt a big load spike at that time, especially if some random % of requests time out and don’t retry before expiry. It’s better to toss in some randomness in the time, and much better to have the opportunity for retries by trying daily. See https://letsencrypt.org/howitworks/#writing-your-own-renewal-script


#6

Oooh nice info there of other flags I wasn’t really aware of i.e. --keep-until-renewal

and yes i insert a random sleep interval into my auto renewal cron for my letsencrypt integration so ends up something like

sleep XXXs ; /usr/bin/bash /usr/local/nginx/conf/ssl/le20.http2ssl.xyz/letsencrypt-le20.http2ssl.xyz-cron > /dev/null 2>&1

where XXX is randomised.


#7

Sorry about the issue not being enabled. I have enabled it now. And yes I will look into it ( I just copied that cron job code from acme-tiny). Thanks for your assistance…
Regards,
Jahid


#8

Hello,

I’ve also forked the acme-tiny python client to create a new acme client : acme-dns-tiny (with Github mirror).

It’s goal is also to be tiny, easily readable and it uses DNS verifications to validate domains by use of standard dynamic DNS update messages (with TSIG key authorizations).

I hope it could be useful for let’s encrypt community :slight_smile:

Regards,
Adrien


#9

You can add it by yourself by editing the initial post in the main thread.


#10

I didn’t know, thanks :slight_smile:


#11

oh didn’t know we could edit ourselves :sunglasses: