KittyKatt/lego

Let's Encrypt/ACME client and library written in Go

Let's Encrypt client and ACME library written in Go.

Features

• ACME v2 RFC 8555
• Register with CA
• Obtain certificates, both from scratch or with an existing CSR
• Renew certificates
• Revoke certificates
• Robust implementation of all ACME challenges
  • HTTP (http-01)
  • DNS (dns-01)
  • TLS (tls-alpn-01)
• SAN certificate support
• Comes with multiple optional DNS providers
• Custom challenge solvers
• Certificate bundling
• OCSP helper function

lego introduced support for ACME v2 in v1.0.0. If you still need to utilize ACME v1, you can do so by using the v0.5.0 version.

Installation

How to install.

Usage

• as a CLI
• as a library

Documentation

Documentation is hosted live at https://go-acme.github.io/lego/.

DNS providers

Detailed documentation is available here.

Akamai EdgeDNS	Alibaba Cloud DNS	all-inkl	Amazon Lightsail
Amazon Route 53	ArvanCloud	Aurora DNS	Autodns
Azure	Bindman	Bluecat	Checkdomain
CloudDNS	Cloudflare	ClouDNS	CloudXNS
ConoHa	Constellix	deSEC.io	Designate DNSaaS for Openstack
Digital Ocean	DNS Made Easy	DNSimple	DNSPod
Domain Offensive (do.de)	Domeneshop	DreamHost	Duck DNS
Dyn	Dynu	EasyDNS	Epik
Exoscale	External program	freemyip.com	G-Core Labs
Gandi Live DNS (v5)	Gandi	Glesys	Go Daddy
Google Cloud	Hetzner	Hosting.de	Hosttech
HTTP request	Hurricane Electric DNS	HyperOne	IBM Cloud (SoftLayer)
IIJ DNS Platform Service	Infoblox	Infomaniak	Internet Initiative Japan
Internet.bs	INWX	Ionos	iwantmyname
Joker	Joohoi's ACME-DNS	Linode (v4)	Liquid Web
Loopia	LuaDNS	Manual	MyDNS.jp
MythicBeasts	Name.com	Namecheap	Namesilo
Netcup	Netlify	Nicmanager	NIFCloud
Njalla	NS1	Open Telekom Cloud	Oracle Cloud
OVH	Porkbun	PowerDNS	Rackspace
reg.ru	RFC2136	RimuHosting	Sakura Cloud
Scaleway	Selectel	Servercow	Simply.com
Sonic	Stackpath	Tencent Cloud DNS	TransIP
UKFast SafeDNS	VegaDNS	Vercel	Versio.[nl/eu/uk]
VinylDNS	Vscale	Vultr	WEDOS
Yandex	Zone.ee	Zonomi

If your DNS provider is not supported, please open an issue.