./security/acmesh, Lets Encrypt ACME client in shell script

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 3.1.1, Package name: acmesh-3.1.1, Maintainer: ryoon

A pure Unix shell script implementing ACME client protocol

* An ACME protocol client written purely in Shell (Unix shell) language.
* Full ACME protocol implementation.
* Support ACME v1 and ACME v2
* Support ACME v2 wildcard certs
* Simple, powerful and very easy to use. You only need 3 minutes to learn it.
* Bash, dash and sh compatible.
* Simplest shell script for Let's Encrypt free certificate client.
* Purely written in Shell with no dependencies on python or the official
Let's Encrypt client.
* Just one script to issue, renew and install your certificates automatically.
* DOES NOT require root/sudoer access.
* Docker friendly
* IPv6 support


Required to run:
[www/curl] [net/socat] [security/mozilla-rootcerts]

Required to build:
[pkgtools/cwrappers]

Master sites:

Filesize: 308.93 KB

Version history: (Expand)

CVS history: (Expand)


   2025-06-15 16:11:06 by Ryo ONODERA | Files touched by this commit (4) | Package updated
Log message:
security/acmesh: Update to 3.1.1

Changelog:
3.1.1:
What's Changed

    add dns_api for Technitum dns server by @qupfer in #6117
    deploy hook for Ruckus ZoneDirector / Unleashed by @kchiem in #4832
    dns_world4you: Adapt to change in world4you.com DeleteDnsRecordForm by \ 
@NerLOR in #6114
    Add support for ZoneEdit.com by @lukavia in #6136
    Fix keystore ownership in Unifi deployment - unifi.sh by @adn77 in #6168
    DNS API: fix structural info for new providers by @stokito in #6174
    dnsapi: Add structured info for lima-city and west.cn by @stokito in #6176
    fix: remove control characters by @M0NsTeRRR in #6181
    Add mijn.host DNS API Support by @peterv99 in #6178
    Fix syntax for OpenBSD sh by @catap in #6099
    Update dns_cyon plugin by @JazzMalar in #6184
    Correct typo in acme.sh by @jpmens in #6190
    Create script for deploy certificate on Proxmox Backup Server by @HTDemony \ 
in #6191
    Feature: Add new version API dns SELECTEL dns_selectel.sh (actual v2) by \ 
@vlad-kms in #5128
    Portability: use uname -n instead of hostname. by @ghen2 in #6194
    Fixed cloudkey gen 2 changes by @3VAbdAVE in #6195
    Truenas deploy websocket by @Attackwave in #6108
    Add dnsapi script for HE DDNS by @markkuleinio in #5237
    Add Beget.com DNS API support by @ARNik in #6202
    Fix bug saving SYNO_LOCAL_HOSTNAME by @davidha in #6226
    Allow deploying of PKCS to docker containers and other hooks by @tomo2403 in \ 
#6234
    chore(synology): remove personal mail by @scruel in #6239
    dns_world4you: Adapt to change in world4you.com by @NerLOR in #6242
    Support FreeBSD's sed -i by @aafbsd in #6245
    Add FreeMyIP DNS Api Support by @Giova96 in #6240
    cqhttp notify-hook:Compatibility with QQ Headless Project Napcat by \ 
@metaforget in #6257
    dns_he_ddns: Add empty dns_he_ddns_rm() to remove warnings by @markkuleinio \ 
in #6263
    routeros: file-name should in quotes in newer (7.18) version by @copyliu in #6262
    haproxy: don't leak private keys when doing --debug by @wlallemand in #6268
    update documentation for --cert-home parameter by @fraenki in #4384
    support NTFY_TOKEN by @beedaddy in #6277
    fix regex of matching hetzner dns api error responses by @lindsayzhou in #6198
    Avoid permissions errors for chown .well-known by @kevinoid in #623
    Fix error message variable when reload cmd returns with an error by \ 
@magyarsz in #6282
    Don't deploy ECC certs to legacy Ruckus by @ms264556 in #6285
    Bump Alpine version from 3.17 to 3.21 by @Gontier-Julien in #6299
    Add Edgecenter DNS API by @ruuuch in #6317
    Fix error detection in vault deploy hook by @alindt in #6315

3.1.0:
What's Changed

    refactor: Alibaba Cloud API by @PMExtra in #5294
    Fix Timeweb Cloud DNS API pagination by @nikolaypronchev in #5296
    Update dns_openprovider.sh for OpenProvider by @WinSCaP in #5183
    update dns_doapi by @henrikalves in #5158
    Add OpenContainers Annotations as Labels to Docker Image by @mpgirro in #5305
    Add ali_dcdn deploy hook (Alibaba Cloud DCDN) by @PMExtra in #5297
    on OpenBSD, add libiconv by @jschauma in #5309
    Updated MS links, added wiki link, updated error messages, updated API limit \ 
comment by @abulgatz in #5313
    Adding omg.lol DNS API by @as-kholin in #5301
    Fix markdown issue in telegram notify hook by @fazelukario in #5315
    Update Porkbun API URL by @allddd in #5323
    Revert txt add update by @lifeboy in #5331
    Fix POSIX shell portability by @ryoon in #5374
    Fix dns_pdns.sh to use saved account conf by @sahsanu in #5328
    Dns API: fix structural info by @stokito in #6087
    Fixes issue 4956: 'Linode DNS Pagination Bug' by @vmmello in #5172
    fix(truenas): broken script since 23.10 scale release by @M0NsTeRRR in #6089
    StrongSwan deploy hook: swanctl support by @sergiustheblack in #6094
    Add existing bearer token support to Azure DNS API by @stbeldarborge in #5276
    fix: new version of fornex dns based on api version 2.3.1 by @CreatorHRS in #6106
   2024-10-24 16:00:37 by Ryo ONODERA | Files touched by this commit (4) | Package updated
Log message:
security/acmesh: Update to 3.0.9

Changelog:
3.0.9:
Minor, just for nsupdate hook

3.0.8:
What's Changed

    Add support for Mattermost notifications (Bot account) by @defragatwork in #4622
    Update haproxy.sh by @podguzovvasily in #4841
    Acme2 similar names by @studycom-mrobinson in #4855
    Fix #4460 by @trulyliu in #4843
    dns_1984.hosting.sh: update login and account status URLs by @phedoreanu in #4866
    Fix typo in proxmoxve deploy hook by @Max13 in #4853
    Update dns_gcloud.sh rm logs record added by @sandercox in #4872
    support West.cn Domain by @mrbaiwei in #4861
    sync by @Neilpang in #4899
    sync by @Neilpang in #4918
    Logout update for DSM Deploy script (2727 issue) by @LordDarkneo in #4925
    remove dns_do as it does not work anymore by @seidler2547 in #4161
    Fix RouterOS deploy hook for 7 by @dario-pilori in #4940
    Fix #4836 (Switch to new Gandi LiveDNS API) by @rparenton in #4948
    sync by @Neilpang in #4986
    sync by @Neilpang in #4987
    Add SYNO_USE_TEMP_ADMIN variable & Fix broken logic by @scruel in #4706
    sync by @Neilpang in #5021
    haproxy deploy hook updates existing certificate over stats socket by \ 
@wlallemand in #4581
    Aws dns imdsv2 by @derytim in #4979
    dns-record TTL set to 300 by @hknet in #5048
    fix(config_migrate): always remove domain old key & replace old value by \ 
new value by @scruel in #5032
    feature: add template option for panos deploy hook by @aSauerwein in #5072
    Add support for Lima-City by @laraveluser in #4757
    Fix: Decode eab_hmac_key as single-line by @annieoxe in #5069
    sync by @Neilpang in #5075
    Patch Synology DSM deploy: support DSM 6.x & user-friendly refactor. by \ 
@scruel in #5023
    sync by @Neilpang in #5102
    fix(deploy_dsm): missing gerp -P option on busybox by @scruel in #5111
    fix(deploy_dsm): ensure grep get the error code by @scruel in #5113
    fixed handling of key and secret by @hknet in #5049
    sync by @Neilpang in #5123
    Add notification support for ntfy.sh by @jeromecst in #4929
    Structured DNS provider API info by @stokito in #4738
    dns_1984.hosting - update _get_root check by @phedoreanu in #5057
    Quote echo $data in _porkbun_rest (dns_porkbun) by @j-c-m in #5041
    Feature: DNS API for IONOS cloud by @zak905 in #5110
    improve compatibility with FreeBSD by @themarek in #5159
    feat: Support manually defining extended key usage in CSR by @mdmower in #5133
    Improve grammar by @vladh in #4896
    sync by @Neilpang in #5206
    fix(deploy): respect api path with synology Auth API by @scruel in #5207
    dns_porkbun: remove stray backslashes by @allddd in #5212
    feat: guide user to run script as root to create temp admin user by @scruel \ 
in #5139
    _checkSudo: [ -z "__INTERACTIVE" ] should be [ -z \ 
"$__INTERACTIVE" ] by @oittaa in #5217
    RouterOS - make deploy more resilient by @nathanejohnson in #5245
    Add ACCOUNT_THUMBPRINT to update account by @williamdes in #5252
    sync by @Neilpang in #5255
    Fix MIAB dns create TXT record format by @lifeboy in #5268
    Support for the Yandex 360 for Business DNS API by @WhiteAls in #5214
    Update dns_huaweicloud.sh by @i18nsite in #5263
    feat(deploy_ali_cdn): support Alibaba Cloud CDN deployment by @PMExtra in #5205
    Add Timeweb Cloud DNS API by @nikolaypronchev in #5141
    Add optional cmd line parameter NSUPDATE_OPT to dns_nsupdate api by @gmanic \ 
in #5224
    improve performance and memory usage for dns_anx by @rwese in #5187
    Update teams notification workflow by @Linkje in #5223
    New Alviy provider by @alviy in #5117
    sync by @Neilpang in #5284
   2024-04-07 20:19:42 by Ryo ONODERA | Files touched by this commit (3) 
Log message:
security/acmesh: Update to 3.0.7

Changelog:
What's Changed

    dns_1984.hosting.sh: fix login with valid csrftoken by @phedoreanu in #4412
    Spelling / grammar by @systemcrash in #4574
    Notify hook: AWS SES by @szhu25 in #4687
    Remove external OTP dependency from deploy hook Synology_DSM.sh by \ 
@Eagle3386 in #4646
    4442 by @Neilpang in #4691
    Add BookMyName API support by @alaunay in #3208
    Fix SES region variable by @szhu25 in #4700
    Update dns_kappernet.sh by @hknet in #4714
    sync by @Neilpang in #4720
    Add DNSExit.com API support by @samuel-jimenez in #4712
    Fix the API calls that get the list of domains that PLESK can manage by \ 
@zearan in #4710
    Fixed help verbiage to reflect capabilities of --ecc flag by @sg1888 in #4708
    Added functionality for Palo Alto Firewall deployments (PANOS) by @sg1888 in \ 
#4575
    Remove punctuation symbol by @vitoyucepi in #4745
    Master 1 by @glocknerc in #4755
    fix for curl bugs nghttp2_option_set_no_rfc9113_leading_and_trailing_… by \ 
@KincaidYang in #4776
    inwx: Be case insensitive while searching for the cookie. by @sebastianas in \ 
#4764
    Fixed grep pattern regex for nginx conf path by @Nirzak in #4749
    fix for nghttp2_option_set_no_rfc9113_leading_and_trailing_ws_validation by \ 
@KincaidYang in #4779
    Fix Auth API access for DSM 6 by @Eagle3386 in #4728
    Add ArtFiles.de DNS API plugin by @Eagle3386 in #3959
    Improved api compatibility with devices by @LJea in #4754
    dns_gandi: implements token in addition to the (deprecated) API key by \ 
@zbbfufu in #4794
    Random cron by @MarcelWaldvogel in #944
    Add TencentCloud API by @KincaidYang in #4782
    Fix Variomedia API by @TobiasGrave in #4787
    fix: Synology DSM API path regex by @winromulus in #4809
   2023-06-18 17:42:22 by Jonathan Schleifer | Files touched by this commit (3) 
Log message:
Update security/acmesh to 3.0.6

This fixes a RCE vulnerability.
   2023-01-04 18:27:11 by Patrick Welche | Files touched by this commit (3) 
Log message:
Update acmesh to 3.0.5

- fix  Why try to purge Cloudflare DNS TXT record? #4369  and other bugs
- support Google Public CA
- support NotBefore and NotAfter fields.
- more dns apis support.
   2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605) 
Log message:
security: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \ 
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
   2021-10-17 11:02:46 by Nia Alarie | Files touched by this commit (3) | Package updated
Log message:
acmesh: update to 3.0.1

Changes:

- We don't have bugs for the DST roots, but we add a new useful command \ 
"--set-default-chain" for the users to fix the chains fast.
- More dns apis are added.
- More deploy hooks are added.
- Normal bug fixes.
   2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606) 
Log message:
security: Remove SHA1 hashes for distfiles