Skip to content
A modular and compact ACME client for issuing and renewing certificates with Let's Encrypt
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


This is a compact, modularized Python ACME library and command line interface which allows to issue and renew Let's Encrypt certificates for your server, by either running this script on your server or by running it somewhere else. It does needs access to your private Let's Encrypt account key. Please note that this code is somewhat experimental, so don't use this in production environments without checking the code first. Since there isn't too much code (834 lines, including docstrings and CLI help) this should be manageable.


The code is based on acme-tiny by Daniel Roesler, which can be found at GitHub. I used a Python 3 adjusted version by Collin Anderson as a base (available here as branch py3).

The main reason why I created this version is that it is more modular; in particular, it allows to run this script on another machine than the webserver! Also, it can be easily integrated into scripts and orchestration programs such as ansible to handle certificate creation on another machine. While at it, I also added commands for some more steps (account key creation, private key and CSR creation) so everything is bundled in one place.

This modularization comes at a cost: it increases the code size a bit. That's why I started a new project instead of simply forking (and starting a Pull Request for) the original project.

This code should work with Python 2 and Python 3, and requires OpenSSL's command line tool openssl in the path. It was tested with both OpenSSL 1.0.x and OpenSSL 1.1.0.

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.