You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Certgrinder is a client/server system for getting LetsEncrypt certificates for your infrastructure. ACME challenges are handled by the Certgrinder server, making it possible to get certificates in highly isolated environments, since only an SSH connection to the Certgrinder server is needed.
A simple Go program that lets you automate the updating of TLSA DNS records with the Cloudflare v4 API from acme.sh generated keys, including a rollover (next) key.
Let's Encrypt encourages the use of certbot to automate certificate renewal, but that tool generates a new CSR every time. That makes DANE with TLSA difficult, so this set of scripts automates the renewal of consistent CSRs with certbot so systems administrators can choose when to generate a new CSR and update their DNS records in anticipation.