Acme.sh runs arbitrary commands from a remote server

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
#ACME #Letsencrypt #acme-client #Processes #Security

Our great sponsors
  • Onboard AI - Learn any GitHub repo in 59 seconds
  • InfluxDB - Collect and Analyze Billions of Data Points in Real Time
  • Sonar - Write Clean Python Code. Always.
  • Revelo Payroll - Free Global Payroll designed for tech teams
Our great sponsors

  • acme.sh

    A pure Unix shell script implementing ACME client protocol

    Looks like they are issuing under a sub-CA of "ssl.com" according to https://github.com/acmesh-official/acme.sh/issues/4659#issue...

    Interestingly, the mozilla dev-security-policy group seems to contain a recent discussion about including "ssl.com" in the root store here https://groups.google.com/a/mozilla.org/g/dev-security-polic...

    Curious to know if this could, maybe it should, have ripple effects to the various SSL Root CA programs. Having someone run a subCA that actually exploits an RCE against ACME clients doesn't seem very trustworthy, and any CA enabling this behaviour should probably be kicked out of the trust stores?

  • sh

    Python process launching

    I usually replace shell scripts with python (using sh module: https://amoffat.github.io/sh/ for calling other scripts/programs).

  • Onboard AI

    Learn any GitHub repo in 59 seconds. Onboard AI learns any GitHub repo in minutes and lets you chat with it to locate functionality, understand different parts, and generate new code. Use it for free at www.getonboard.dev.

  • lego

    Let's Encrypt/ACME client and library written in Go

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts