mod_md - Everybody Spies
Copyright 2017 greenbytes GmbH
This repository contains
mod_md, a module for Apache httpd that adds support for Let's Encrypt (and other ACME CAs).
This code here is to help people review and comment and test early versions. Issues you can raise here, general discussion is probably best at the httpd dev mailing list.
Look on the wiki for directions on how to use
The module has been backported to Apache 2.4.x branch and was released in version 2.4.33 (in the release notes, you will see it listed as change in 2.4.30 - a release that never saw the light of day. So, in a sane world, all changes since 2.4.29 would be listed as change in 2.4.33. But release managers already carry a heavy burden. One always treats them with respect and bows thankfully and does not mentions one's unimportant annoyances ;).
For the impatient and danger seekers: what you find here is a copy of what lives inside the Apache httpd
trunk repository. While people find an occasional
hickup - mostly due to some unique aspect in the setups - several people, including myself, are running this inside a patched
2.4 Apache for months now. And successfully.
However, this is not checkout, configure and shoot. For it to work, you need a patched mod_ssl (patch is provided in directory
patches), but that is about the only complication.
The Apache2 PPA for ubuntu by @oerdnj, see here, has a patched
mod_ssl just as
mod_md needs it! Thanks! So, in such a server you just need to drop mod_md from here.
Tests have been verified to run on MacOS and Ubuntu 16.04 under the following conditions:
- the *SSL library you compile with supports
- curl is linked against this recent *SSL lib
- your Apache httpd installation has a patched
- you have a local boulder server installed and it resolved host names against your httpd (see below)
So, it's a bit tricky when your OS does not support features like
SNI in its standard config.
See 2.4.x Installation on the wiki.
ChangeLog for details.
Please see the file called LICENSE.
This work is supported by an Award from MOSS, the Mozilla Open Source Support project. Many thanks to these excellent people! You are awesome!
Test cases mostly written by my colleague @michael-koeller who made this to a good part really a test driven development. Thanks!
Stefan Eissing, greenbytes GmbH
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. This file is offered as-is, without warranty of any kind. See LICENSE for details.