Thank you all for helping me iron out my client for ACMEv2

I want to offer a big THANK YOU to @_az, @mnordhoff, @jsha, @JuergenAuer, @rmbolger and everyone else who answered some of the more esoteric questions about the ACMEv2 process over the past few months.

My client, PeterSSLers, has been handling acme-v2 on our production servers since April. While there are a few things that still need to be fixed or streamlined (mostly renewal logic)… the ACME protocol bits are pretty much done.

The client is open source and available on Github. IT IS NOT FOR NOVICE USERS AND OVERKILL FOR 99.9% OF USE-CASES.

PeterSSLers is a combination ACME client, Certificate Manager, and OpenResty(Nginx) Plugin for dynamic SSL loading – and can be entirely driven by an API.

It was designed for the needs of organizations who handle whitelabel services and/or webhosting, and have:

  • a scalable number of domains
  • a scalable number of nodes/servers

HTTP-01 authorization is handled by routing traffic across a network into a single management node. Certificates are saved into Postgres or Sqlite, then dynamically loaded into OpenResty servers via a multi-level failover cache: Nginx worker, Nginx master, Redis, JSON API via Python.

It can also function as a quick troubleshooting toolkit for nodes that are acting weird - the installation requirements were minimized by using commandline OpenSSL functions if Python crypto libraries are not installed on a machine.

9 Likes

Now that’s a README :+1:.

3 Likes

Props for the name, though, even if I’ll never use it.

3 Likes

image
I think I see a message buried in all these zeros and ones!

3 Likes

I can not comment about pink Panthers, but the project officially targets the Lynx web browser as a supported platform :wink:

3 Likes

As and more clues appear…
image
Author: J.J. Lynx

Hard to see in this pic - but in the black circle it reads:
Soon to be a great PETER SELLERS movie

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.