/lego

Let's Encrypt/ACME client and library written in Go

Primary LanguageGoMIT LicenseMIT

lego logo

Automatic Certificates and HTTPS for everyone.

Lego

Let's Encrypt client and ACME library written in Go.

Go Reference Build Status Docker Pulls

Features

  • ACME v2 RFC 8555
    • Support RFC 8737: TLS Application‑Layer Protocol Negotiation (ALPN) Challenge Extension
    • Support RFC 8738: certificates for IP addresses
    • Support draft-ietf-acme-ari-01: Renewal Information (ARI) Extension
  • Register with CA
  • Obtain certificates, both from scratch or with an existing CSR
  • Renew certificates
  • Revoke certificates
  • Robust implementation of all ACME challenges
    • HTTP (http-01)
    • DNS (dns-01)
    • TLS (tls-alpn-01)
  • SAN certificate support
  • CNAME support by default
  • Comes with multiple optional DNS providers
  • Custom challenge solvers
  • Certificate bundling
  • OCSP helper function

Installation

How to install.

Usage

Documentation

Documentation is hosted live at https://go-acme.github.io/lego/.

DNS providers

Detailed documentation is available here.
Akamai EdgeDNS Alibaba Cloud DNS all-inkl Amazon Lightsail
Amazon Route 53 ArvanCloud Aurora DNS Autodns
Azure (deprecated) AzureDNS Bindman Bluecat
Brandit Bunny Checkdomain Civo
CloudDNS Cloudflare ClouDNS CloudXNS
ConoHa Constellix Derak Cloud deSEC.io
Designate DNSaaS for Openstack Digital Ocean DNS Made Easy dnsHome.de
DNSimple DNSPod (deprecated) Domain Offensive (do.de) Domeneshop
DreamHost Duck DNS Dyn Dynu
EasyDNS Efficient IP Epik Exoscale
External program freemyip.com G-Core Labs Gandi Live DNS (v5)
Gandi Glesys Go Daddy Google Cloud
Google Domains Hetzner Hosting.de Hosttech
HTTP request Hurricane Electric DNS HyperOne IBM Cloud (SoftLayer)
IIJ DNS Platform Service Infoblox Infomaniak Internet Initiative Japan
Internet.bs INWX Ionos IPv64
iwantmyname Joker Joohoi's ACME-DNS Liara
Linode (v4) Liquid Web Loopia LuaDNS
Manual Metaname MyDNS.jp MythicBeasts
Name.com Namecheap Namesilo NearlyFreeSpeech.NET
Netcup Netlify Nicmanager NIFCloud
Njalla Nodion NS1 Open Telekom Cloud
Oracle Cloud OVH plesk.com Porkbun
PowerDNS Rackspace RcodeZero reg.ru
RFC2136 RimuHosting Sakura Cloud Scaleway
Selectel Servercow Simply.com Sonic
Stackpath Tencent Cloud DNS TransIP UKFast SafeDNS
Ultradns Variomedia VegaDNS Vercel
Versio.[nl/eu/uk] VinylDNS VK Cloud Vscale
Vultr Websupport WEDOS Yandex Cloud
Yandex PDD Zone.ee Zonomi

If your DNS provider is not supported, please open an issue.