/lego

Let's Encrypt/ACME client and library written in Go

Primary LanguageGoMIT LicenseMIT

lego logo

Automatic Certificates and HTTPS for everyone.

Lego

Let's Encrypt client and ACME library written in Go.

Go Reference Build Status Docker Pulls

Features

  • ACME v2 RFC 8555
    • Support RFC 8737: TLS Application‑Layer Protocol Negotiation (ALPN) Challenge Extension
    • Support RFC 8738: certificates for IP addresses
    • Support draft-ietf-acme-ari-03: Renewal Information (ARI) Extension
  • Register with CA
  • Obtain certificates, both from scratch or with an existing CSR
  • Renew certificates
  • Revoke certificates
  • Robust implementation of all ACME challenges
    • HTTP (http-01)
    • DNS (dns-01)
    • TLS (tls-alpn-01)
  • SAN certificate support
  • CNAME support by default
  • Comes with multiple optional DNS providers
  • Custom challenge solvers
  • Certificate bundling
  • OCSP helper function

Installation

How to install.

Usage

Documentation

Documentation is hosted live at https://go-acme.github.io/lego/.

DNS providers

Detailed documentation is available here.
Akamai EdgeDNS Alibaba Cloud DNS all-inkl Amazon Lightsail
Amazon Route 53 ArvanCloud Aurora DNS Autodns
Azure (deprecated) Azure DNS Bindman Bluecat
Brandit Bunny Checkdomain Civo
Cloud.ru CloudDNS Cloudflare ClouDNS
CloudXNS ConoHa Constellix CPanel/WHM
Derak Cloud deSEC.io Designate DNSaaS for Openstack Digital Ocean
DirectAdmin DNS Made Easy dnsHome.de DNSimple
DNSPod (deprecated) Domain Offensive (do.de) Domeneshop DreamHost
Duck DNS Dyn Dynu EasyDNS
Efficient IP Epik Exoscale External program
freemyip.com G-Core Gandi Live DNS (v5) Gandi
Glesys Go Daddy Google Cloud Google Domains
Hetzner Hosting.de Hosttech HTTP request
http.net Hurricane Electric DNS HyperOne IBM Cloud (SoftLayer)
IIJ DNS Platform Service Infoblox Infomaniak Internet Initiative Japan
Internet.bs INWX Ionos IPv64
iwantmyname Joker Joohoi's ACME-DNS Liara
Lima-City Linode (v4) Liquid Web Loopia
LuaDNS Mail-in-a-Box Manual Metaname
mijn.host MyDNS.jp MythicBeasts Name.com
Namecheap Namesilo NearlyFreeSpeech.NET Netcup
Netlify Nicmanager NIFCloud Njalla
Nodion NS1 Open Telekom Cloud Oracle Cloud
OVH plesk.com Porkbun PowerDNS
Rackspace RcodeZero reg.ru RFC2136
RimuHosting Sakura Cloud Scaleway Selectel v2
Selectel Servercow Shellrent Simply.com
Sonic Stackpath Tencent Cloud DNS TransIP
UKFast SafeDNS Ultradns Variomedia VegaDNS
Vercel Versio.[nl/eu/uk] VinylDNS VK Cloud
Vscale Vultr Webnames Websupport
WEDOS Yandex 360 Yandex Cloud Yandex PDD
Zone.ee Zonomi

If your DNS provider is not supported, please open an issue.