Posh-ACME
uacme
Our great sponsors
Posh-ACME | uacme | |
---|---|---|
14 | 7 | |
720 | 417 | |
- | - | |
6.8 | 4.7 | |
14 days ago | about 1 month ago | |
PowerShell | C | |
MIT License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Posh-ACME
-
trying to copy a signed xml using get-content and set-content. It works when I get-content from the original file, or a get-content and then set-content created version of the file... but if I try to store the file in the script itself to set-content later, no dice. Why not?
Yes. It’s just text, right? So as long as the process you’re using to copy the contents into the string variable isn’t accidentally adding or removing white space (including line breaks), it should just be a matter of matching the output encoding and line endings. If the source file has Unix line endings, you may need to drop into .NET in order to output your string variable to the file. There’s an example you can use at the end of this file.
-
Anyone using Let's Encrypt Certify The Web?
Dropped it for Posh-ACME https://github.com/rmbolger/Posh-ACME
- Windows Server Cert Management in Small Environment
-
SSL Certificate Replacement Script
Also wanted to plug my cert related modules Posh-ACME and Posh-ACME.Deploy for getting and deploying free certs from Let's Encrypt or other ACME-based cert authorities. Though my modules typically require at least PS 5.1 and .NET 4.7.1.
- Cygwin in production?
- Windows 10 - Lets Encrypt help pls
-
What on earth kind of policy is this, GoDaddy?
while it does indeed work well and i did some tests with it in my home env things like https://github.com/rmbolger/Posh-ACME/issues/333 happening don't really help putting trust in the reliability of that unfortunately.
-
Web cert questions
Setup a KeyVault and Managed Identity, which you can integrate with DigiCert natively. If you'd rather use Let's Encrypt, keyvault-acmebot does work well. Certify and win-acme have KeyVault plugins, just run the software on a VM somewhere and update KeyVault. You can also use Posh-ACME and the Azure Az PowerShell module to roll your own. You could also do it on a Linux/BSD OS with various ACME implementations and the Azure CLI.
- Trojan detected, need help
-
Powershell administration of Dynamics365 - SSL certificate
Posh-ACME can help with obtaining a free cert from a public CA. I know nothing about Dynamics365 though. So I'll have to defer to others on being able to deploy the cert to it.
uacme
- Dehydrated: Letsencrypt/acme client implemented as a shell-script
- Uacme: ACMEv2 client written in plain C with minimal dependencies
-
Retrospective and Technical Details on the Recent Firefox Outage
> So you're saying telemetry should be handled as a separate process that has nothing to do with the rest of the browser, and treated like a hostile service? [... T]his was a dumb bug and it is completely unreasonable to expect some kind of adversarial design "just in case a freak bug triggers on telemetry network requests".
I absolutely agree that this a dumb bug having little to nothing to do with telemetry. It is not even the first case-sensitivity HTTP/3 bug I’m personally encountering in the course of completely casual use[1].
At the same time, you know what? I’m glad you suggested this, because I certainly didn’t think of it. Yes, in an ideal world, telemetry absolutely should be a separate process (or thread, or at least not share an event loop—a separate “hang domain”, a vat[2] if you want). And so should everything off the critical path.
I’m not saying Firefox is bad for doing it differently. I’m saying it’s silly that Firefox is forced to play OS to such an extent because the actual one isn’t up to its demands.
[1] https://github.com/ndilieto/uacme/pull/11
[2] http://www.erights.org/elib/concurrency/vat.html
-
Who should consider using BSD over Linux and why?
Hmm .... not sure i'd necessarily say that's where i'm coming from. i'd be happy with a mix'n'match OS if most of the individual components were created and maintained with thought and care. (As distinct from e.g. "Over the last couple of weekends I learned Rust, and here's my first full program, an encrypted chat server. Enjoy!") Like, SQLite is not maintained by the OpenBSD project, but i believe it's generally considered to be a high-quality codebase. And i recently started using uacme on my server; i don't feel competent enough in C to comment directly on the quality of the codebase, but this and this indicate to me that the author has a clue (and in fact, i feel confident that they have far more of a clue than i do).
What are some alternatives?
certify - Professional ACME Client for Windows. Certificate Management UI, powered by Let's Encrypt and compatible with all ACME v2 CAs. Download from certifytheweb.com
acme.sh - A pure Unix shell script implementing ACME client protocol
keyvault-acmebot - Automated ACME SSL/TLS certificates issuer for Azure Key Vault (App Service / App Gateway / Front Door / CDN / others)
win-acme - A simple ACME client for Windows (for use with Let's Encrypt et al.)
PowerFGT - PowerShell module to manage Fortinet (FortiGate) Firewall
letsencrypt - Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
Posh-ACME.Deploy - Collection of certificate deployment functions intended for use with Posh-ACME
acme-companion - Automated ACME SSL certificate generation for nginx-proxy
PSKoans - A simple, fun, and interactive way to learn the PowerShell language through Pester unit testing.
glewlwyd - Experimental Single Sign On server, OAuth2, Openid Connect, multiple factor authentication with, HOTP/TOTP, FIDO2, TLS Certificates, etc. extensible via plugins