An ACME client library and PowerShell client for the .NET platform.
Jump To:
For NEW Documentation for the v0.9.x releases, please see the new documentation
For OLD documentation and getting started, go to the wiki.
Also, see the the FAQ.
For announcements and discussions please see one of these:
 |
by Gitter |
 |
by Google Groups |
This project implements a client library and PowerShell client for the ACME protocol.
- ACMESharp is interoperable with the CA server used by the Let's Encrypt project which is the reference implementation for the server-side ACME protocol.
- ACMESharp includes features comparable to the official Let's Encrypt client which is the reference implementation for the client-side ACME protocol.
The ACMESharp client implementation is broken up into layers that build upon each other:
- basic tools and services required for implementing the ACME protocol and its semantics (JSON Web Signature (JWS), PKI operations, client-side persistence)
- low-level ACME protocol client library that can interoperate with a compliant ACME server
- PowerShell module that implements a powerful client, that functions equally well as a manual tool or a component of a larger automation process, for managing ACME Registrations, Identifiers and Certificates
- collection of Provider extensions that implement Challenge Handlers and Installers for various servers/services.
Some of the Providers available for handling ACME challenges and installing certificates include:
- Microsoft IIS 7.0+
- Microsoft Windows (Cert Store, DNS)
- AWS (S3, Route 53, ELB, IAM)
- CloudFlare
 |
| PS3 | PS4 | PS5 |
|---|---|---|
/statusIcon.svg) |
/statusIcon.svg) |
/statusIcon.svg) |
-
If you just want to use ACMESharp to request and install certificates, then you want the ACMESharp PowerShell client.
-
See the instructions for installing the PowerShell client and the list of available modules.
- If you are a developer who wants to embed ACMESharp client libraries in your own projects or want to develop extensions for ACMESharp, see the list of available NuGet Packages.
This client is fully operable and can successfully interact with the Let's Encrypt production and staging servers to:
- Initialize new Registrations
- Authorize DNS Identifiers
- Issue Certificates
Further, it can successfully install and configure the certificate and related SSL/TLS settings for various local (e.g. IIS, Cert Store) or remote (e.g. AWS, CloudFlare) servers or services.
All documentation is still work-in-progress.
You can find an example of how to get started quickly here.
Check out these other related projects and resources:
- For a great intro and overview of Let's Encrypt, ACME and related tech, check out this Changelog podcast with Jacob Hoffman-Andrews, the lead developer of LE
- An alternative simple ACME client for Windows which features:
- simple usage for common scenarios
- IIS support
- automatic renewals
- A GUI interface to this project's PowerShell module
- The official python ACME client of the [Let's Encrypt] project
- The ACME specification which brings this all together (under development)
- See other contributions
This ACME client is being developed against the Boulder CA ACME server reference implementation. See how to quickly spin up your own instance in AWS on an Amazon Linux AMI.
Please note, this project was formerly named letsencrypt-win.