Posh-ACME is a PowerShell based ACMEv2 client that supports both Windows PowerShell 5.1+ and PowerShell Core 6.0+. You can find the project site here:
You can download directly from GitHub or install via PowerShellGallery
Here are the 3.0.0 release notes from the changelog:
- Potentially breaking changes
- Many ACME protocol messages that previously used GET requests have been changed to POST-as-GET to comply with the latest ACME draft-16. Let’s Encrypt already supports the new draft, but other ACME servers may not yet.
CertIssueTimeoutparam was removed from
Submit-OrderFinalizebecause it wasn’t actually being used properly in the former and doesn’t seem necessary anymore.
- New Feature: Generate certs from an existing certificate request which can be useful for appliances that generate their own keys and CSRs. (Thanks @virot)
New-PAOrderthat removes the need for
Installparameters when used. Most values will be extracted from the CSR.
- Certs generated using this method will not have PFX files created because there is no private key.
- Certs generated using this method can not be automatically installed to the Windows cert store because there are no PFX files.
ForDNSparameter which returns the actual TXT value necessary for the dns-01 challenge. (Thanks @chandan1001)
- Added new DNS plugins
- IBMSoftLayer (IBM Cloud DNS)
- AutoDNS (InternetX XML Gateway)
- Fix for some validation params not getting set properly on new instances of old orders
- Fix for Windows plugin not using
$dnsParamsappropriately (Thanks @B4dM4n)