Skip to content

letsencrypt/ceremony-demos

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits

ceremonies

ceremonies

 
 

outputs

outputs

 
 

softhsm

softhsm

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

init-softhsm.sh

init-softhsm.sh

 
 

reset.sh

reset.sh

 
 

run-all.sh

run-all.sh

 
 

update-output-files.sh

update-output-files.sh

 
 

verify.go

verify.go

 
 

Repository files navigation

Let's Encrypt Key Ceremony Demos

This directory contains example config files that simulate certificate profiles used by Let's Encrypt for various key ceremonies in detail. The primary goal is to gather feedback prior to upcoming key ceremonies. The repository will also serve as a historical marker of past ceremonies detailing the evolution of the Let's Encrypt chain of trust.

To see generated certificate output for the upcoming ceremony without needing to run this tooling, see the outputs folder.

To try it out:

  • Install the ceremony tool in your $PATH.

    go install https://github.com/letsencrypt/boulder/cmd/ceremony

  • Install SoftHSMv2.

    sudo apt install softhsm2

  • Update the YAML files, if necessary, to reflect that path to your SoftHSMv2 install.

  • Execute the demo ceremony.

    ./reset.sh && ./run-all.sh

  • If you're working on a specific branch of boulder making changes to the ceremony tool and need to test an uncoming ceremony:

    export CEREMONY_BIN=/path/to/active/development/boulder/bin/ceremony
./run.sh

About

Demo files demonstrating what the new hierarchy we generate in 2024 will look like.

Resources

Readme
Activity
Custom properties

Stars

19 stars

Watchers

6 watching

Forks

9 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages