Giter Club home page Giter Club logo

documentation's Introduction

Acme PHP

Build Status Packagist Version Software License

Acme PHP is a simple yet very extensible CLI client for Let's Encrypt that will help you get and renew free HTTPS certificates.

Acme PHP is also an initiative to bring a robust, stable and powerful implementation of the ACME protocol in PHP. Using the Acme PHP library and core components, you will be able to deeply integrate the management of your certificates directly in your application (for instance, renew your certificates from your web interface). If you are interested by these features, have a look at the acmephp/core and acmephp/ssl libraries.

Acme PHP is now maintained by https://zerossl.com.

Why should I use Acme PHP when I have an official client?

Acme PHP provides several major improvements over the default clients:

  • Acme PHP comes by nature as a single binary file: a single download and you are ready to start working ;
  • Acme PHP is based on a configuration file instead command line arguments. Thus, the configuration is much more expressive and the same setup is used at every renewal ;
  • Acme PHP is very extensible it to create the certificate files structure you need for your webserver. It brings several default formatters to create classical file structures (nginx, nginx-proxy, haproxy, etc.) but you can very easily create your own if you need to ;
  • Acme PHP follows a strict BC policy preventing errors in your scripts or CRON even if you update it (see the Backward Compatibility policy of Acme PHP for more informations) ;

Documentation

Read the official Acme PHP documentation.

Backward Compatibility policy

Acme PHP follows a strict BC policy by sticking carefully to semantic versioning. This means your scripts, your CRON tasks and your code will keep working properly even when you update Acme PHP (either the CLI tool or the library), as long as you keep the same major version (1.X.X, 2.X.X, etc.).

Launch the Test suite

The Acme PHP test suite uses the Docker Boulder image to create an ACME server. To launch the test suite, you need to setup the proper Docker environment for the suite. Useful scripts are available under the tests directory: in the Acme PHP root directory, execute the following:

# Create the Docker environment required for the suite
sudo tests/setup.sh

# Run the tests
tests/run.sh

# Clean the docker environment
tests/teardown.sh

Note: you may have boulder errors sometimes in tests. Simply ignore them and rerun the suite, they are due to an issue in the container DNS.

Warning: as the acmephp/testing-ca Docker image needs to be mapped to the host network, you may have ports conflicts. See https://github.com/acmephp/testing-ca for more informations.

Run command

The run command is an all in one command who works with a domain config file like

contact_email: contact@company
key_type: RSA                                          # RSA or EC (for ECDSA). Default "RSA"

defaults:
  distinguished_name:
      country: FR
      locality: Paris
      organization_name: MyCompany
  solver: http

certificates:
  - domain: example.com
    distinguished_name:
      organization_name: MyCompany Internal
    solver: route53
    subject_alternative_names:
      - '*.example.com'
      - www.subdomain.example.com
    install:
      - action: install_aws_elb
        region: eu-west-1
        loadbalancer: my_elb
  - domain: www.example.com
    solver:
      name: http-file
      adapter: ftp                                     # ftp or sftp or local, see https://flysystem.thephpleague.com/
      root: /var/www/
      host: ftp.example.com
      username: username
      password: password
      # port: 21
      # passive: true
      # ssl: true
      # timeout: 30
      # privateKey: path/to/or/contents/of/privatekey

usage

$ acmephp run path-to-config.yml

Using docker

You can also use the docker image to generate certificates. Certificates and keys are stored into the volume /root/.acmephp

docker run --rm -ti -v /cache/.acmephp:/root/.acmephp -v $PWD/.config.yml:/etc/acmephp.yml:ro acmephp/acmephp:latest run /etc/acmephp.yml

documentation's People

Contributors

aik099 avatar jderusse avatar lukeb avatar lyrixx avatar mrspence avatar philipsharp avatar rokclimb15 avatar techviaduc avatar tgalopin avatar

Stargazers

avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

snellingio lyrixx aik099 lukeb jderusse philipsharp littleplus xiaohuilam techviaduc mrspence agitama

documentation's Issues

Does it support ACME Protocol v2?

Hey,

Do you have any plans to upgrade library to support ACME v2 protocol? I've using this library and LE is going to stop supporting v1 client requests from 1st June, 2020. I'm not sure what to do now.
Can you or anybody suggest me any other good ACME php client?

Thanks.

'request' command is deprecated in manual

The manual at the bottom of https://acmephp.github.io/documentation/guides/multidomain-certificates.html writes:

Renew a multi-domain certificate
The process is the same as for a single domain certificate: re-run the request command:
php acmephp.phar request yourdomain.org -a www.yourdomain.org -a anotherdomain.org

Running the 'request' command you get error:

This command is deprecated. Use command "run" instead
Loading account key pair...
Forced renewal.
Loading domain key pair...
Loading domain distinguished name...
Loading the order related to the domains *.yourdomain.org, *.anotherdomain.org ...
Renewing certificate for domain *.yourdomain.org ...

In ServerErrorHandler.php line 109:

  [malformed] The request message was malformed: No order for ID 46762453670 (on request "POST https://acme-v02.api.letsencrypt.org/acme/order/8960278
  0/46762453670")


In RequestException.php line 113:

  Client error: `POST https://acme-v02.api.letsencrypt.org/acme/order/89602780/46762453670` resulted in a `404 Not Found` response:
  {
    "type": "urn:ietf:params:acme:error:malformed",
    "detail": "No order for ID 46762453670",
    "status": 404
  }


request [-f|--force] [--country COUNTRY] [--province PROVINCE] [--locality LOCALITY] [--organization ORGANIZATION] [--unit UNIT] [--email EMAIL] [-a|--alternative-name ALTERNATIVE-NAME] [-k|--key-type KEY-TYPE] [--] <domain>

Please update the documentation with an example of how to renew multiple domains with the new run command.

I ran the install commands. I see acmephp.phar. I get no version, no error message.

I have both files in my root directory on a shared server running cloudlinux.
The version command fails without output.

[pcmhrdzd@server122 ~]$ php -r "copy('https://github.com/acmephp/acmephp/releases/download/1.0.0-beta2/acmephp.phar', 'acmephp.phar');"
[pcmhrdzd@server122 ~]$ php -r "copy('https://github.com/acmephp/acmephp/releases/download/1.0.0-beta2/acmephp.phar.pubkey', 'acmephp.phar.pubkey');"
[pcmhrdzd@server122 ~]$ php acmephp.phar --version
[pcmhrdzd@server122 ~]$ php acmephp.phar --version
[pcmhrdzd@server122 ~]$
????
getSSL and Certbot failed thus:
[pcmhrdzd@server122 ~]$ ./getssl -c www.PCMHpcc.com
getssl: this script requires one of: nslookup drill dig host

[pcmhrdzd@server122 ~]$ ./certbot-auto
"sudo" is not available, will use "su" for installation steps...
Sorry, I don't know how to bootstrap Certbot on your operating system!

You will need to install OS dependencies, configure virtualenv, and run pip install manually.
Please see https://letsencrypt.readthedocs.org/en/latest/contributing.html#prerequisites
for more info.

sysinfo

CloudLinux 6.x
Apache: 2.2.31
Codeguard: included to all shared plans, more details can be found here
cPanel: 11.58.0
cURL: 7.37.1 and 7.38.0
CXS: installed on all shared servers
Git: enabled
SEO: included to all shared packages; more information can be found in this article
Imagick module: 3.1.2 (3.4.3 for 'native' PHP version)
IonCube PHP Loader: 4.6.1
Mod_Rewrite: enabled
Mod_Security: enabled, more details can be found here
MySQL (for older servers): 5.5.32
MariaDB (for newer servers): 10.1.13

Mysqli Support: enabled
Perl: 5.10.1
PHP: 5.4.43 (5.4 native), 5.3.29 (5.3 native) with 5.2 - 5.6, 7.0 available, more details can be found here
PHP modules: full list of PHP modules and extensions can be found here
Python: 2.6.6
Rails: 2.3.18
Ruby: 1.8.7
ZendGuard Loader: 3.3

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.