uacme
cli
Our great sponsors
uacme | cli | |
---|---|---|
7 | 8 | |
417 | 3,478 | |
- | 1.5% | |
4.7 | 9.2 | |
about 1 month ago | 8 days ago | |
C | Go | |
GNU General Public License v3.0 only | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
uacme
- Dehydrated: Letsencrypt/acme client implemented as a shell-script
- Uacme: ACMEv2 client written in plain C with minimal dependencies
-
Retrospective and Technical Details on the Recent Firefox Outage
> So you're saying telemetry should be handled as a separate process that has nothing to do with the rest of the browser, and treated like a hostile service? [... T]his was a dumb bug and it is completely unreasonable to expect some kind of adversarial design "just in case a freak bug triggers on telemetry network requests".
I absolutely agree that this a dumb bug having little to nothing to do with telemetry. It is not even the first case-sensitivity HTTP/3 bug I’m personally encountering in the course of completely casual use[1].
At the same time, you know what? I’m glad you suggested this, because I certainly didn’t think of it. Yes, in an ideal world, telemetry absolutely should be a separate process (or thread, or at least not share an event loop—a separate “hang domain”, a vat[2] if you want). And so should everything off the critical path.
I’m not saying Firefox is bad for doing it differently. I’m saying it’s silly that Firefox is forced to play OS to such an extent because the actual one isn’t up to its demands.
[1] https://github.com/ndilieto/uacme/pull/11
[2] http://www.erights.org/elib/concurrency/vat.html
-
Who should consider using BSD over Linux and why?
Hmm .... not sure i'd necessarily say that's where i'm coming from. i'd be happy with a mix'n'match OS if most of the individual components were created and maintained with thought and care. (As distinct from e.g. "Over the last couple of weekends I learned Rust, and here's my first full program, an encrypted chat server. Enjoy!") Like, SQLite is not maintained by the OpenBSD project, but i believe it's generally considered to be a high-quality codebase. And i recently started using uacme on my server; i don't feel competent enough in C to comment directly on the quality of the codebase, but this and this indicate to me that the author has a clue (and in fact, i feel confident that they have far more of a clue than i do).
cli
-
Google will disable all but OAuth for IMAP, SMTP and POP starting Sept. 30
https://github.com/smallstep/cli implements some OAuth flows from the CLI, it may be helpful for you.
- Running one’s own root Certificate Authority in 2023
- Uacme: ACMEv2 client written in plain C with minimal dependencies
-
OpenSSL as a GUI
Is the according command line tool (https://github.com/smallstep/cli) from smallstep free and behind this GUI?
-
If you’re not using SSH certificates you’re doing SSH wrong
And they have an open issue for producing a chocolatey package: https://github.com/smallstep/cli/issues/365
-
Should you use Let's Encrypt for internal hostnames?
I'm biased because I'm the founder of the company, but you should check out the certificate management toolchain (CA[1] and CLI[2]) we've built at smallstep. A big focus of the project is human-friendliness. It's not perfect (yet) but I think we've made some good progress.
We also have a hosted option[3] with a free tier that should work for individuals, homelabs, pre-production, and even small production environments. We've started building out a management UI there, and it does map to the CLI as you've described :).
[1] https://github.com/smallstep/certificates
[2] https://github.com/smallstep/cli
[3] https://smallstep.com/certificate-manager/
-
SSH Keys How Are You Managing Them All?
https://github.com/smallstep/cli is pretty amazing, tbh. Documentation is just as stellar!
-
Recommend: Linux-Equivalent Tool of mkcert
https://github.com/smallstep/cli may be a bit overkill for your needs, but it's an epic toolkit and well worth checking out!
What are some alternatives?
acme.sh - A pure Unix shell script implementing ACME client protocol
jose-jwt - Ultimate Javascript Object Signing and Encryption (JOSE), JSON Web Token (JWT) and Json Web Keys (JWK) Implementation for .NET and .NET Core
win-acme - A simple ACME client for Windows (for use with Let's Encrypt et al.)
slips - SatoshiLabs Improvement Proposals
letsencrypt - Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
authy - Go library and program to access your Authy TOTP secrets.
Posh-ACME - PowerShell module and ACME client to create certificates from Let's Encrypt (or other ACME CA)
ssh-baseline - DevSec SSH Baseline - InSpec Profile
certify - Professional ACME Client for Windows. Certificate Management UI, powered by Let's Encrypt and compatible with all ACME v2 CAs. Download from certifytheweb.com
mkcert - A simple zero-config tool to make locally trusted development certificates with any names you'd like.
acme-companion - Automated ACME SSL certificate generation for nginx-proxy
sio-go - Authenticated encryption for streams in Go