certify
Posh-ACME
Our great sponsors
certify | Posh-ACME | |
---|---|---|
41 | 14 | |
1,448 | 719 | |
1.0% | - | |
9.7 | 6.8 | |
23 days ago | 5 days ago | |
C# | PowerShell | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
certify
-
Google Pushing For 90 Day SSL/TLS Certificates - Time For Automation
I use certify the web for the rd gateway
-
How will you handle 90 day SSL expiration?
For Exchange and Remote Desktop Service we are using Certify The Web with Lets Encrypt. Works really well.
-
Ask HN: What are your “scratch own itch” projects?
It's worth doing! A few projects I've done:
I once needed a database of EV charging locations, but at the time(2011) there were no open databases, so I built https://openchargemap.org, that now serves millions of API queries per month for other apps and services
For another project, I recently wanted to control my guitar amp (a Positive Grid Spark) from my computer instead of using a mobile app, so I built https://soundshed.com which is both a bluetooth web app and an electron app you can install. It now has a few thousand users :)
And finally, another time I had some SSL certificates I needed to manage for another project (for the above mentioned https://openchargemap.org), so I built a GUI to manage and renew certificates on Windows. It's now a commercial app with hundreds of thousands of users and it's my full time job: https://certifytheweb.com
So yeah, worth doing!
- Who do you use for SSL Certificates?
-
LE proxy?
Would you be hosting this on Linux or Windows? I work on the https://certifytheweb.com app (as a convenient for instance) which can work as a central certificate renewal system, then you can choose to distribute certs in a variety of ways (push them to a secrets store such as Hashicorp vault of Azure KeyVault), then pull them periodically from your clients (and apply them to the services that need them). There is a linux version of this app in development which includes an API for pulling latest certs directly. You could achieve the same outcome with certbot and post request scripting hooks etc.
-
Certbot with occupied port 80
Note that since you're on windows anyway you could also get certs on windows (using https://certifytheweb.com etc) then copy then to WSL (you would add a Deploy to Generic Server task to export the certs as pem files etc and this could write out to the \\WSL$ share path).
-
Are there any solutions using a centralized validation server for Let's Encrypt
The software I develop https://certifytheweb.com does this to much the same degree, using DNS validation (http validation is supported for the same machine the app is running on, but not currently for remote servers). While it's currently aimed at Windows there is a Linux version in the works you could try out. It has a range of deployment tasks you can add (including things like SSH/SFTP deployment and remote scripting).
-
It's that time of the year again SSL
https://certifytheweb.com/ really made my Windows transition to LetsEncrypt easy. Now it's as efficient as acme.sh on linux with scripting after the cert is generated.
- Windows 10 - Lets Encrypt help pls
Posh-ACME
- Windows Server Cert Management in Small Environment
-
SSL Certificate Replacement Script
Also wanted to plug my cert related modules Posh-ACME and Posh-ACME.Deploy for getting and deploying free certs from Let's Encrypt or other ACME-based cert authorities. Though my modules typically require at least PS 5.1 and .NET 4.7.1.
- Cygwin in production?
- Windows 10 - Lets Encrypt help pls
-
Web cert questions
Setup a KeyVault and Managed Identity, which you can integrate with DigiCert natively. If you'd rather use Let's Encrypt, keyvault-acmebot does work well. Certify and win-acme have KeyVault plugins, just run the software on a VM somewhere and update KeyVault. You can also use Posh-ACME and the Azure Az PowerShell module to roll your own. You could also do it on a Linux/BSD OS with various ACME implementations and the Azure CLI.
-
Windows Server - Free SSL
I am using this PowerShell module to get LetsEncrypt certs on Windows https://github.com/rmbolger/Posh-ACME
It will generate the PFX and PEM cert files. Refer to https://github.com/rmbolger/Posh-ACME/blob/main/Tutorial.md for tutorial.
What are some alternatives?
win-acme - A simple ACME client for Windows (for use with Let's Encrypt et al.)
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
LetsEncrypt-PRTG - Post request script to install an SSL certificate obtained with Certify the Web or win-acme in PRTG.
keyvault-acmebot - Automated ACME SSL/TLS certificates issuer for Azure Key Vault (App Service / App Gateway / Front Door / CDN / others)
easy-rsa - easy-rsa - Simple shell based CA utility
acme.sh - A pure Unix shell script implementing ACME client protocol
cfssl - CFSSL: Cloudflare's PKI and TLS toolkit
PowerFGT - PowerShell module to manage Fortinet (FortiGate) Firewall
LettuceEncrypt - Free, automatic HTTPS certificate generation for ASP.NET Core web apps
OpenSSL - TLS/SSL and crypto library
uacme - ACMEv2 client written in plain C with minimal dependencies