Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 23 ACME Open-Source Projects
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
letsencrypt
Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
-
certificates
🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
getssl
obtain free SSL certificates from letsencrypt ACME server Suitable for automating the process on remote servers.
-
certify
Professional ACME Client for Windows. Certificate Management UI, powered by Let's Encrypt and compatible with all ACME v2 CAs. Download from certifytheweb.com
-
docker-nginx-certbot
Automatically create and renew website certificates for free using the Let's Encrypt certificate authority.
-
Posh-ACME
PowerShell module and ACME client to create certificates from Let's Encrypt (or other ACME CA)
-
narrowlink
A self-hosted solution to enable secure connectivity between devices across restricted networks like NAT or firewalls
-
Crypt-LE
Crypt::LE - Let's Encrypt / Buypass / ZeroSSL and other ACME-servers client and library in Perl for obtaining free SSL certificates (inc. generating RSA/ECC keys and CSRs). HTTP/DNS verification is supported out of the box, EAB (External Account Binding) supported, easily extended with plugins, easily dockerized.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Project mention: Why Does Windows Use Backslash as Path Separator? | news.ycombinator.com | 2024-04-24No, look at the associated unit test: https://github.com/caddyserver/caddy/blob/c6eb186064091c79f4...
If that test fails we could serve PHP source code instead of having it be evaluated, a major security flaw.
A self-signed certificate was generated and used by Proxmox which will always generate a warning on the browser. I did not like seeing this when trying to work on my home lab. So, I started looking for ways to put a valid SSL certificate in Proxmox. During my research, I found that Proxmox could be made to integrate with acme.sh; a free SSL certificate generator powered by ACME(Let's Encrypt).
I've been running mailcow [1] on a Hetzner cloud server for a few years and am pretty happy with it.
[1] https://mailcow.email
Project mention: Wireguard (docker-compose) has stopped being able to connect to the internet. | /r/WireGuard | 2023-07-10My hunch is that because I decided to include the acme-companion image in this nginx setup, that maybe it has something to do with the SSL certs? The only other thing I could think of is that I had to combine the networks in order for nginx-proxy and Sonarr both to be able to see my transmission instance via:
Project mention: Dehydrated: Letsencrypt/acme client implemented as a shell-script | news.ycombinator.com | 2024-04-19Self contained but hardly a tiny supply chain attack surface: https://github.com/go-acme/lego/blob/master/go.sum
You can roll your own with https://github.com/smallstep/certificates. We maintain major open source projects and contribute a lot to other projects. I don’t think that means everything we do has to be open source. Sorry this one wasn’t. Doing this in pure open source would be a book, not a blog post.
Love Let’s Encrypt — we’re sponsors — but using them for WiFi is a terrible idea. You need internal PKI for WiFi.
Project mention: Dehydrated: Letsencrypt/acme client implemented as a shell-script | news.ycombinator.com | 2024-04-19From this commit:
https://github.com/dehydrated-io/dehydrated/commit/b116e6bc2...
There's no reason you couldn't run your own ACME server (the Let's Encrypt folk publish an open source one, boulder, but there's plenty of others). Then you can just use certbot in your VMs to manage certificates, configured to point to your CA server instead of the Let's Encrypt one.
Project mention: Show HN: Clace – Platform for secure internal web applications | news.ycombinator.com | 2023-10-18
A 'competitor' to this would be GetSSL which is a pure-shell ACME client (plus OpenSSL and cURL) and can be executed on one host, but send verification tokens to remote systems (where you may not have cron access):
> Get certificates for remote servers - The tokens used to provide validation of domain ownership, and the certificates themselves can be automatically copied to remote servers (via ssh, sftp or ftp for tokens). The script doesn't need to run on the server itself. This can be useful if you don't have access to run such scripts on the server itself, as it's a shared server for example.
* https://github.com/srvrco/getssl
Project mention: Seeking Guidance: SSL Certification for a Local Server in Windows 2019 Data Center Environment | /r/sysadmin | 2023-05-23Option 2+: If your public DNS is hosted by a provider that has Win-ACME or Certify the Web support, use Let's Encrypt and automate the whole thing.
Traefik : A modern HTTP reverse proxy and load balancer that makes deploying microservices easy. Traefik integrates with your existing infrastructure components and configures itself automatically and dynamically. it's also well integrated with Let's Encrypt (Alternatives : HAProxy, Kong, NGINX)
esc = select the last "stuff" just typed
The fact you can create your own "buttons" that do basically anything is pretty nice, but you REALLY want a 3 button pointing device to use it. It also doesn't care about the programming language you use to create such a button, but you will work with the filesystem metaphor provided by Acme itself to get things done.
I find the mouse interface is extremely fast, and when you couple it with the power of the plumber in Plan 9, it's a reasonably good way to navigate around a complex workflow.
It's also a reasonably small environment in terms of lines of code. The Go version (Edwood) is pretty good too! https://github.com/rjkroege/edwood
Project mention: Linux Networking Shallow Dive: WireGuard, Routing, TCP/IP and Nat | news.ycombinator.com | 2023-05-23Or instead you can have HTTP proxy over TLS in just four steps: https://github.com/Snawoot/dumbproxy/wiki/Quick-deployment
You don't even need a client for this, any modern browser can work with it right away: https://github.com/Snawoot/dumbproxy#using-http-over-tls-pro...
ACME related posts
- Setting up a Homelab: Part 1 Proxmox and LetsEncrypt
- Dehydrated: Letsencrypt/acme client implemented as a shell-script
- How to Build Email Server with Exim on Alma Linux 9
- Ask HN: What should a Alternative to LetsEncrypt offer
- Setting Up a Kubernetes Cluster on AWS EKS With Eksctl and Deploying an App
- Ask HN: What is your experience with ZeroSSL?
- Narrowlink 0.2.4 Just Released
-
A note from our sponsor - InfluxDB
www.influxdata.com | 26 Apr 2024
Index
What are some of the best open-source ACME projects? This list will help you:
Project | Stars | |
---|---|---|
1 | Caddy | 53,718 |
2 | acme.sh | 36,504 |
3 | letsencrypt | 30,817 |
4 | Mailcow | 7,931 |
5 | acme-companion | 7,261 |
6 | lego | 7,269 |
7 | certificates | 6,154 |
8 | dehydrated | 5,886 |
9 | win-acme | 5,039 |
10 | boulder | 4,967 |
11 | certmagic | 4,812 |
12 | getssl | 2,036 |
13 | acmetool | 2,022 |
14 | LettuceEncrypt | 1,510 |
15 | certify | 1,448 |
16 | docker-nginx-certbot | 854 |
17 | website | 817 |
18 | Posh-ACME | 720 |
19 | narrowlink | 517 |
20 | traefik-certs-dumper | 423 |
21 | edwood | 371 |
22 | dumbproxy | 370 |
23 | Crypt-LE | 348 |
Sponsored