Rust的Let's Encrypt AcmeV2

描述

此库是https://github.com/onur/acme-client的精简版本，仅提供Rust API，并支持Acmev2协议。目前仍在开发中，但您应该能够使用它来创建证书。

开发

在Windows上编译需要openssl，以下是一个简单的安装方法。

(Git Bash中的示例)

git clone https://github.com/microsoft/vcpkg
cd vcpkg
./bootstrap-vcpkg.sh
./vcpkg.exe install openssl
./vcpkg.exe install openssl:x64-windows-static
# Add OPENSSL_DIR=/vcpkg/path/installed/x64-windows-static
cargo build

快速入门

#[tokio::main]
async fn main() -> Result<()> {
    let dir = Directory::lets_encrypt()
        .await?;

    let account = dir.account_registration()
        .pkey_from_file(path) // optional, you can provide one with pkey(), or leave this blank to create a new pkey.
        .register()
        .await?;


    let domain = "yourdomain.com";
    let domains = &[domain];
    
    let order = account
        .create_order(&domain)
        .await
        .expect("create order");

    for chal in order.get_http_challenges() {
        chal.serve_challenge(Duration::from_seconds(30)); // create a temp webserver on port 80 for 30 seconds
        chal.validate(&account).await.expect("to validate");    
    }
    // use order.get_dns_challanges to do dns.

    let signer = account.certificate_signer(&domains);

    let cert = signer.sign_certificate(&order).await.expect("to sign certificate");

    cert.save_signed_certificate(format!("certs/{}.pem", domain_name)).await?;
    cert.save_private_key(format!("certs/{}.key", domain_name)).await?;
}

待办事项

• 证书吊销
• 密钥更改
• 示例

贡献者

感谢为这项努力做出贡献的人们

• @lucacasonato