A pure Unix shell script implementing ACME client protocol (by acmesh-official) Alternatives

Similar projects and alternatives to

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better alternative or higher similarity.

Suggest an alternative to

Reviews and mentions

Posts with mentions or reviews of We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2021-09-02.
  • Is there anyway to use Let's Encrypt without port forwarding 80? | 2021-09-02
    I largely relied on this website: In the process I ran into several issues and had to figure out corrections. Also, this site only provided automation from within the NAS. I did not want to risk messing up the configurations inside the NAS, so I set it up on the pi instead. | 2021-09-02
    I recently set up Let's Encrypt certificates on Synology using running on a pi. Here are my notes. I am still a couple weeks before the certificates can be renewed (within one month before expiration) so I haven't verified the automated renewal yet, but I hope it will run with no problem. Let me know if this helps. | 2021-09-02
    I use on my Synology. | 2021-09-02
    There is a guide somewhere out there on how to set it up directly on Synology. I just looked for it again but couldn't. I remember you have to set up ssh on Synology, ssh in as root, create a few folders here and there, install, configure the appropriate folder/file privileges, etc. It may be a simpler solution, but I felt much more at ease with messing with the pi.
  • How do you manage TLS certificates for containers? | 2021-08-31
    Noob here... Currently I'm looking at running acme ( inside each container so it has an auto-renewing tls certificate.
  • Let's Encrypt and Cisco ASA VPN | 2021-08-27
  • Help - Split-horizon Web application
    Okay I don't want to be a pain in the ass but dns verification is a completely new world to me. I used on my backend and followed the guide you sent me., everything is fine and went smoothly (also I am using cloudflare). Do I need to generate a letsencrypt cert on the backend or anything like that? Do I need to generate any certs on the frontend?
  • https without reverse proxy
  • DNS alias mode (2020)
  • Hacker News top posts: Aug 22, 2021
    Let's Encrypt ACME DNS alias mode\ (25 comments)
  • Let's Encrypt ACME DNS alias mode | 2021-08-21
  • Another free CA as an alternative to Let's Encrypt | 2021-08-20
    > If you want to use the www auth you need to allow outbound connections to any IP

    Only for the time period when you're requesting the cert though: it does not have to be open to the entire Internet 24/7. While this not satisfy your personal / particular level of security concern, it is something. Using the dehydrated client as an example, the web server could be started and stopped (or the host's firewall rules altered) in the startup_hook() / exit_hook() functions, or the deploy_challenge() / clean_challenge() functions:


    > otherwise you have the DNS option which means giving the server access to modify the DNS records which is also unsafe should the box get compromised.

    Are you aware of LE/ACME's "DNS alias" mode?



    Let us say you with to get a cert for Letting an ACME client change the value of that could be a risk as you state. So what you can do is create a CNAME, and point that elsewhere, like You then allow the ACME client to alter (just) the TXT records of

    People have ever written simple DNS server that allow for updating of records via a RESTful API, so you can server just the (e.g.) dnsauth sub-domain from it:


    There's also a CLI utility that can handle access the APIs of several dozen DNS companies so you don't have to roll your own:

    * | 2021-08-20
    This is what I do as well. I have set up[1] on a Raspberry Pi on my home network, which isn't accessible from the outside. It is triggered every night by a systemd timer and renews (using the DNS challenge) and deploys all expiring certificates.


  • NameCheap Let's Encrypt SSL wildcard. | 2021-08-05
    use this client in DNS mode valdiation. You will need an API to access namecheap dns(in your profile dashboard)


Basic repo stats
3 days ago

acmesh-official/ is an open source project licensed under GNU General Public License v3.0 only which is an OSI approved license.

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
Find remote jobs at our new job board There are 25 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.