Skip to content

RogierW/rw-acme-client

master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
src
 
 
 
 
 
 
 
 

Let’s Encrypt ACME client written in PHP

Latest Version on Packagist Scrutinizer Code Quality StyleCI

This library allows you to request, renew and revoke SSL certificates provided by Let's Encrypt.

Requirements

  • PHP ^8.1
  • OpenSSL >= 1.0.1
  • cURL extension
  • JSON extension
  • Note: v2 of this package only supports php:^8.1. If you're looking for the older version, check out v1.

Installation

You can install the package via composer:

composer require rogierw/rw-acme-client

Usage

You can create an instance of Rogierw\RwAcme\Api client.

$client = new Api('test@example.com', __DIR__ . '/__account');

Creating an account

if (!$client->account()->exists()) {
    $account = $client->account()->create();
}

// Or get an existing account.
$account = $client->account()->get();

Creating an order

$order = $client->order()->new($account, ['example.com']);

Getting an order

$order = $client->order()->get($order->id);

Domain validation

Getting the DCV status

$validationStatus = $client->domainValidation()->status($order);

http-01

Get the name and content for the validation file:

// Get the data for the HTTP challenge; filename and content.
$validationData = $client->domainValidation()->getFileValidationData($validationStatus);

This returns an array:

Array
(
    [0] => Array
        (
            [type] => http-01
            [identifier] => example.com
            [filename] => sqQnDYNNywpkwuHeU4b4FTPI2mwSrDF13ti08YFMm9M
            [content] => sqQnDYNNywpkwuHeU4b4FTPI2mwSrDF13ti08YFMm9M.kB7_eWSDdG3aWIaPSp6Uy4vLBbBI5M0COvM-AZOBcoQ
        )
)

The Let's Encrypt validation server will make a request to the following URL:

http://example.com/.well-known/acme-challenge/sqQnDYNNywpkwuHeU4b4FTPI2mwSrDF13ti08YFMm9M

dns-01

@TODO

Start domain validation

try {
    $client->domainValidation()->start($account, $validationStatus[0]);
} catch (DomainValidationException $exception) {
    // The local HTTP challenge test has been failed...
}

Generating a CSR

$privateKey = \Rogierw\RwAcme\Support\OpenSsl::generatePrivateKey();
$csr = \Rogierw\RwAcme\Support\OpenSsl::generateCsr(['example.com'], $privateKey);

Finalizing order

if ($order->isReady() && $client->domainValidation()->challengeSucceeded($order, DomainValidation::TYPE_HTTP)) {
    $client->order()->finalize($order, $csr);
}

Getting the actual certificate

if ($order->isFinalized()) {
    $certificateBundle = $client->certificate()->getBundle($order);
}

Revoke a certificate

if ($order->isValid()) {
    $client->certificate()->revoke($certificateBundle->fullchain);
}