Certbot v0.5.1 Certbot.Provider.Acme View Source

Certificate provider for the Acme protocol

When a request is made for a hostname, the provider will look into the certificate store (Certbot.CertificateStore) to see whether it has a certificate for that hostname.

If so, it will return the certificate.

If not, it will try to request a certificate using the acme client. This is done by retrieving an authorization, which has challenges. We need to prove to the acme server that we own the hostname.

One of these challenges can be done over http. We use this one to prove ownership. The challenge is stored in the challenge store (Certbot.Acme.ChallengeStore), then the Acme server is asked to verify the challenge. The Certbot.Acme.Plug verifies the challenge by using the store.

Next step is to build a Certificate Signing Request (csr) and send this to the Acme server. In the response there will be a url where the signed certificate can be retrieved from the Acme server.

The downloaded certificate is used for the serving the request, and also stored in the certificate store for subsequent requests.

Example

  use Certbot.Provider.Acme,
    acme_client: YourApp.Certbot,
    certificate_store: Certbot.CertificateStore.Default,
    challenge_store: Certbot.ChallengeStore.Default

For the options that can be given to the use macro, see Certbot.Provider.Acme.Config

Link to this section Summary

Link to this section Functions

Link to this function

get_by_hostname(hostname, opts)

View Source