kelunik/aerys-acme

Encrypting TLS hosts automatically using ACME to issue certificates.

Maintainers

Details

github.com/kelunik/aerys-acme

Source

Issues

Installs: 5

Dependents: 0

Suggesters: 0

Security: 0

Stars: 13

Watchers: 3

Forks: 0

Open Issues: 5

v0.1.0 2015-11-25 19:27 UTC

Requires

MIT 0ad4b165765c7a4f106cb8a7ea085724d64a626f

  • Niklas Keller <me.woop@kelunik.com>

This package is auto-updated.

Last update: 2024-11-15 07:32:46 UTC

README

ACME is a protocol to automate certificate issuance and renewal. Aerys provides a feature to encrypt hosts automatically using ACME.

installation

composer require kelunik/aerys-acme:dev-master

usage

<?php

use Aerys\Acme\AcmeHost;
use Aerys\Host;

const LETS_ENCRYPT_AGREEMENT = "https://letsencrypt.org/documents/LE-SA-v1.0.1-July-27-2015.pdf";
const LETS_ENCRYPT_STAGING = "https://acme-staging.api.letsencrypt.org/directory";
const LETS_ENCRYPT_BETA = "https://acme-v01.api.letsencrypt.org/directory";

$https = (new Host)
    ->expose("*", 443)
    ->name("example.com");

// Currently we need a redirect, because the spec requires
// the initial HTTP challenge to use HTTP instead of HTTPS.
// If you don't want to redirect all traffic, just redirect
// everything starting with "/.well-known/acme-challenge/".
$http = (new Host)
    ->expose("*", 80)
    ->name("example.com")
    ->redirect("https://example.com");

// this will issue a test certificate, see below
return (new AcmeHost($https, __DIR__ . "/ssl"))
    ->acceptAgreement(LETS_ENCRYPT_AGREEMENT)
    ->encrypt(LETS_ENCRYPT_STAGING, ["mailto:me@example.com"]);

// if your domain is already whitelisted for Let's Encrypt's closed beta,
// use the right server to obtain a real certificate
// return (new AcmeHost($https, __DIR__ . "/ssl"))
//    ->acceptAgreement(LETS_ENCRYPT_AGREEMENT)
//    ->encrypt(LETS_ENCRYPT_BETA, ["mailto:me@example.com"]);