Automatic Certificates and HTTPS for everyone.

Lego

Let's Encrypt client and ACME library written in Go.

Features

• ACME v2 RFC 8555
  • Support RFC 8737: TLS Application‑Layer Protocol Negotiation (ALPN) Challenge Extension
  • Support RFC 8738: certificates for IP addresses
  • Support draft-ietf-acme-ari-01: Renewal Information (ARI) Extension
• Register with CA
• Obtain certificates, both from scratch or with an existing CSR
• Renew certificates
• Revoke certificates
• Robust implementation of all ACME challenges
  • HTTP (http-01)
  • DNS (dns-01)
  • TLS (tls-alpn-01)
• SAN certificate support
• CNAME support by default
• Comes with multiple optional DNS providers
• Custom challenge solvers
• Certificate bundling
• OCSP helper function

Installation

How to install.

Usage

• as a CLI
• as a library

Documentation

Documentation is hosted live at https://go-acme.github.io/lego/.

DNS providers

Detailed documentation is available here.

Akamai EdgeDNS	Alibaba Cloud DNS	all-inkl	Amazon Lightsail
Amazon Route 53	ArvanCloud	Aurora DNS	Autodns
Azure (deprecated)	Azure DNS	Bindman	Bluecat
Brandit	Bunny	Checkdomain	Civo
Cloud.ru	CloudDNS	Cloudflare	ClouDNS
CloudXNS	ConoHa	Constellix	Derak Cloud
deSEC.io	Designate DNSaaS for Openstack	Digital Ocean	DNS Made Easy
dnsHome.de	DNSimple	DNSPod (deprecated)	Domain Offensive (do.de)
Domeneshop	DreamHost	Duck DNS	Dyn
Dynu	EasyDNS	Efficient IP	Epik
Exoscale	External program	freemyip.com	G-Core
Gandi Live DNS (v5)	Gandi	Glesys	Go Daddy
Google Cloud	Google Domains	Hetzner	Hosting.de
Hosttech	HTTP request	http.net	Hurricane Electric DNS
HyperOne	IBM Cloud (SoftLayer)	IIJ DNS Platform Service	Infoblox
Infomaniak	Internet Initiative Japan	Internet.bs	INWX
Ionos	IPv64	iwantmyname	Joker
Joohoi's ACME-DNS	Liara	Linode (v4)	Liquid Web
Loopia	LuaDNS	Manual	Metaname
MyDNS.jp	MythicBeasts	Name.com	Namecheap
Namesilo	NearlyFreeSpeech.NET	Netcup	Netlify
Nicmanager	NIFCloud	Njalla	Nodion
NS1	Open Telekom Cloud	Oracle Cloud	OVH
plesk.com	Porkbun	PowerDNS	Rackspace
RcodeZero	reg.ru	RFC2136	RimuHosting
Sakura Cloud	Scaleway	Selectel	Servercow
Simply.com	Sonic	Stackpath	Tencent Cloud DNS
TransIP	UKFast SafeDNS	Ultradns	Variomedia
VegaDNS	Vercel	Versio.[nl/eu/uk]	VinylDNS
VK Cloud	Vscale	Vultr	Websupport
WEDOS	Yandex 360	Yandex Cloud	Yandex PDD
Zone.ee	Zonomi

If your DNS provider is not supported, please open an issue.