{ "info": { "author": "", "author_email": "", "bugtrack_url": null, "classifiers": [ "Development Status :: 4 - Beta", "Intended Audience :: System Administrators", "License :: OSI Approved :: MIT License", "Programming Language :: Python", "Programming Language :: Python :: 3.4" ], "description": "letsencrypt-remote\n==================\n\n.. warning::\n letsencrypt-remote has been renamed to `certsling`_.\n Install that package for further updates.\n\nAn opinionated script to sign tls keys via `letsencrypt`_ on your local computer by forwarding the HTTP challenge via ssh.\n\n.. _certsling: https://pypi.python.org/pypi/certsling\n.. _letsencrypt: https://letsencrypt.org\n\n\nInstallation\n------------\n\nBest installed via `pipsi`_::\n\n % pipsi install letsencrypt-remote\n\nOr some other way to install a python package with included scripts.\n\n.. _pipsi: https://pypi.python.org/pypi/pipsi\n\n\nRequirements\n------------\n\nYou need an ``openssl`` executable in your path for key generation and signing.\n\n\nTesting with staging server\n---------------------------\n\nWith the ``-s`` option you can use the staging server of `letsencrypt`_.\nThis is advised, so you don't run into quota limits or similar until your setup works.\nThe resulting certificate won't validate, but otherwise has the same content as a regular certificate.\n\n\nBasic usage\n-----------\n\nCreate a directory with the email address as the name, which you want to use for authentication with letsencrypt.\nFor example ``webmaster@example.com``::\n\n % mkdir webmaster@example.com\n\nCreate a ssh connection to your server which forwards a remote port to the local port ``8080``::\n\n % ssh root@example.com -R 8080:localhost:8080\n\nOn your server the webserver needs to proxy requests to ``example.com:80/.well-known/acme-challenge/*`` to that forwarded port.\nAn example for nginx::\n\n location /.well-known/acme-challenge/ {\n proxy_pass http://localhost:8080;\n }\n\nFrom the directory you created earlier, invoke the ``letsencrypt-remote`` script with for example::\n\n % cd webmaster@example.com\n % letsencrypt-remote example.com www.example.com\n\nOn first run, you are asked whether to create a ``user.key`` for authorization with letsencrypt.\n\nAfter that, challenges for the selected domains are created and a server is started on port ``8080`` to provide responses.\nYour remote web server proxies them through the ssh connection to the locally running server.\n\nIf all went well, you get a server key and certificate in a new ``example.com`` folder::\n\n % ls example.com\n ...\n example.com-chained.crt\n example.com.crt\n example.com.key\n\nThe ``example.com-chained.crt`` file contains the full chain of you certificate together with the letsencrypt certificate.\n\n\nAdvanced usage\n--------------\n\nTo use DNS based authentication, you need to have ``socat`` on your server.\nAdditionally you need to setup your DNS, so it delegates ``_acme-challenge`` requests to your server.\nFor that you can add something similar to this to your zone file or equivalent::\n\n _acme-challenge IN NS www\n _acme-challenge.www IN NS www\n\nFor the forwarding, you need to add port ``8053``::\nCreate a ssh connection to your server which forwards a remote port to the local port ``8080``::\n\n % ssh root@example.com -R 8080:localhost:8080 -R 8053:localhost:8053\n\nThen in that ssh session, run the following to forward UDP port ``53`` to TCP on port ``8053``::\n\n # socat -T15 udp4-recvfrom:53,reuseaddr,fork tcp:localhost:8053\n\nFor ``letsencrypt-remote`` you need to add the `--dns`` option::\n\n % letsencrypt-remote --dns example.com www.example.com\n\nIt will then first try the HTTP challenge and if that fails it will try the DNS challenge.\n\n\nChangelog\n=========\n\n0.7.0 - 2016-12-30\n------------------\n\n* Renamed to ``certsling``.\n [fschulze]\n\n* Use symmetric difference in ``verify_domains``. This catches problems due to\n typos in domain names and some other cases.\n [solidgoldbomb]\n\n* Update list of issuer names checked in ``verify_crt``.\n [solidgoldbomb (Stacey Sheldon)]\n\n* More detailed error reporting.\n [fschulze]\n\n* Ask to agree to terms of use of letsencrypt and allow updating the registration.\n [fschulze]\n\n\n0.6.0 - 2016-05-09\n------------------\n\n* Upgrade to new X3 authority.\n [fschulze]\n\n\n0.5.0 - 2016-02-12\n------------------\n\n* Allow selection of letsencrypt.org staging server with ``-s`` option.\n [fschulze]\n\n\n0.4.1 - 2016-01-29\n------------------\n\n* Fix issue that the ``-chained.crt`` file wasn't updated.\n [fschulze]\n\n\n0.4.0 - 2016-01-12\n------------------\n\n* Initial release\n [fschulze]", "description_content_type": null, "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/fschulze/certsling", "keywords": "", "license": "", "maintainer": "", "maintainer_email": "", "name": "letsencrypt-remote", "package_url": "https://pypi.org/project/letsencrypt-remote/", "platform": "", "project_url": "https://pypi.org/project/letsencrypt-remote/", "project_urls": { "Homepage": "https://github.com/fschulze/certsling" }, "release_url": "https://pypi.org/project/letsencrypt-remote/0.7.0/", "requires_dist": null, "requires_python": "", "summary": "Opinionated letsencrypt acme client working via a ssh port forward.", "version": "0.7.0" }, "last_serial": 2546093, "releases": { "0.4.0": [ { "comment_text": "", "digests": { "md5": "1dfb319bdb1502632af830a23327c9aa", "sha256": "ecdf73e3887f6db9d5140ac64f85dcca33fb760a17ddf0cb784f4af2e1091c22" }, "downloads": -1, "filename": "letsencrypt-remote-0.4.0.tar.gz", "has_sig": false, "md5_digest": "1dfb319bdb1502632af830a23327c9aa", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 11025, "upload_time": "2016-01-12T11:07:22", "url": "https://files.pythonhosted.org/packages/51/94/b812eef7048f5c266793de142a15661d8c6d0daa24b184eb83eda6629989/letsencrypt-remote-0.4.0.tar.gz" }, { "comment_text": "", "digests": { "md5": "3b6f7bc330ba62305c0f8cdf0e0dee5f", "sha256": "1eca146891803bbcd82640d069973f8480a1cad570be61f54eb762402d0d7a72" }, "downloads": -1, "filename": "letsencrypt-remote-0.4.0.zip", "has_sig": false, "md5_digest": "3b6f7bc330ba62305c0f8cdf0e0dee5f", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 14692, "upload_time": "2016-01-12T11:07:08", "url": "https://files.pythonhosted.org/packages/5a/62/93194681c1e8edf596f4622f4f75dec5705fa5bd914bab5762fb3c50e8f7/letsencrypt-remote-0.4.0.zip" } ], "0.4.1": [ { "comment_text": "", "digests": { "md5": "9c49f998ae8a6b0053f40d66ab2f7f4f", "sha256": "71c31f9d2e4ae357e9211b19b705bd5adc21ca9909335786757cddd97ba72564" }, "downloads": -1, "filename": "letsencrypt-remote-0.4.1.tar.gz", "has_sig": false, "md5_digest": "9c49f998ae8a6b0053f40d66ab2f7f4f", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 11117, "upload_time": "2016-01-29T20:12:35", "url": "https://files.pythonhosted.org/packages/60/69/481ca3772e5d59652cecb64f231494ff1c9eb5f1a4c3688b30ab6b351400/letsencrypt-remote-0.4.1.tar.gz" }, { "comment_text": "", "digests": { "md5": "a7c9254a81915f9b51fc5103357c3d6b", "sha256": "16dfd223a670dc1aa3165193c42f7355a4bf173f7d5c0d8dfd446726db321cfa" }, "downloads": -1, "filename": "letsencrypt-remote-0.4.1.zip", "has_sig": false, "md5_digest": "a7c9254a81915f9b51fc5103357c3d6b", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 14823, "upload_time": "2016-01-29T20:12:23", "url": "https://files.pythonhosted.org/packages/cc/07/e411bf9cdc8c8c1341770b1a080c86b61203822882320f8fefef1f72b619/letsencrypt-remote-0.4.1.zip" } ], "0.5.0": [ { "comment_text": "", "digests": { "md5": "4f70c57cc0e0fba322bc367886d73ede", "sha256": "415d365715876de0781ed629b7e25f0907991fd24a959bdb4d3baad9dafcdec1" }, "downloads": -1, "filename": "letsencrypt-remote-0.5.0.tar.gz", "has_sig": false, "md5_digest": "4f70c57cc0e0fba322bc367886d73ede", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 11539, "upload_time": "2016-02-12T14:45:17", "url": "https://files.pythonhosted.org/packages/ec/da/ae098c13d5db8ef28bd50f2fcc5807594204f058d22db3eb583d4bf167fe/letsencrypt-remote-0.5.0.tar.gz" }, { "comment_text": "", "digests": { "md5": "c1f59b639129f30eb56c29a906cea2ef", "sha256": "9c5c28c5ddc769ef1906379f8ca66bac1ab94f4c6b0847fef0c914a28748b416" }, "downloads": -1, "filename": "letsencrypt-remote-0.5.0.zip", "has_sig": false, "md5_digest": "c1f59b639129f30eb56c29a906cea2ef", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 15431, "upload_time": "2016-02-12T14:45:08", "url": "https://files.pythonhosted.org/packages/95/ce/90c6d080367aaab61e35512b54ac198ea4d89df2762f2a63c48cf867bd8f/letsencrypt-remote-0.5.0.zip" } ], "0.6.0": [ { "comment_text": "", "digests": { "md5": "0b9eeeba9ffce3a4347c6b4117389f8c", "sha256": "3431443dccf662ed44122354a39d69d0d32c77ee75ea8e85b2a4e94fa1427c8b" }, "downloads": -1, "filename": "letsencrypt-remote-0.6.0.tar.gz", "has_sig": false, "md5_digest": "0b9eeeba9ffce3a4347c6b4117389f8c", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 11715, "upload_time": "2016-05-09T10:29:06", "url": "https://files.pythonhosted.org/packages/44/6d/49d012cc4fb661985bcc2fdcdb1986ef4fe4d0a0f697508a26176c8aacc6/letsencrypt-remote-0.6.0.tar.gz" }, { "comment_text": "", "digests": { "md5": "b525d2033626fb166121fab3f6def497", "sha256": "a2a1eba82c63d41e0ce4158aa89798c5a0a324c64b9ea4c084b4cd13a2a9ec11" }, "downloads": -1, "filename": "letsencrypt-remote-0.6.0.zip", "has_sig": false, "md5_digest": "b525d2033626fb166121fab3f6def497", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 15673, "upload_time": "2016-05-09T10:28:52", "url": "https://files.pythonhosted.org/packages/c9/53/a5a5a75660a1e690c7c39e7aa7bcce584a9fe780388c14d7f66da848a0a2/letsencrypt-remote-0.6.0.zip" } ], "0.7.0": [ { "comment_text": "", "digests": { "md5": "442123bd5348f6049a76425eb6c4898d", "sha256": "caf360706691819a85b85c00b7015643621f0f6db414219c8b516aa869007992" }, "downloads": -1, "filename": "letsencrypt-remote-0.7.0.tar.gz", "has_sig": false, "md5_digest": "442123bd5348f6049a76425eb6c4898d", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12402, "upload_time": "2016-12-30T13:33:07", "url": "https://files.pythonhosted.org/packages/71/a5/86461f80d43b90a33e599aff3097a3e2481b7556407e121b64b96ac1c087/letsencrypt-remote-0.7.0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "442123bd5348f6049a76425eb6c4898d", "sha256": "caf360706691819a85b85c00b7015643621f0f6db414219c8b516aa869007992" }, "downloads": -1, "filename": "letsencrypt-remote-0.7.0.tar.gz", "has_sig": false, "md5_digest": "442123bd5348f6049a76425eb6c4898d", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12402, "upload_time": "2016-12-30T13:33:07", "url": "https://files.pythonhosted.org/packages/71/a5/86461f80d43b90a33e599aff3097a3e2481b7556407e121b64b96ac1c087/letsencrypt-remote-0.7.0.tar.gz" } ] }