Webprofusion.Certify.ACME.Anvil
3.3.1
dotnet add package Webprofusion.Certify.ACME.Anvil --version 3.3.1
NuGet\Install-Package Webprofusion.Certify.ACME.Anvil -Version 3.3.1
<PackageReference Include="Webprofusion.Certify.ACME.Anvil" Version="3.3.1" />
paket add Webprofusion.Certify.ACME.Anvil --version 3.3.1
#r "nuget: Webprofusion.Certify.ACME.Anvil, 3.3.1"
// Install Webprofusion.Certify.ACME.Anvil as a Cake Addin #addin nuget:?package=Webprofusion.Certify.ACME.Anvil&version=3.3.1 // Install Webprofusion.Certify.ACME.Anvil as a Cake Tool #tool nuget:?package=Webprofusion.Certify.ACME.Anvil&version=3.3.1
Anvil
The project is a fork of https://github.com/fszlin/certes with packaging updates, feature updates and experimental extensions.
This library is an ACME client implementation primarily used by https://certifytheweb.com and is subject to changes required by that application.
Extended Features:
- ACME ARI (renewal info)
- Certificate chain build does not require installed/embedded root cert
- Optional use of modern PFX cert/key algorithms for OpenSSL 3.x+ compatibility
- Authority token challenges, tkauth-01 and TnAuthList
Account
Creating new ACME account:
var acme = new AcmeContext(WellKnownServers.LetsEncryptStagingV2);
var account = await acme.NewAccount("admin@example.com", true);
// Save the account key for later use
var pemKey = acme.AccountKey.ToPem();
Use an existing ACME account:
// Load the saved account key
var accountKey = KeyFactory.FromPem(pemKey);
var acme = new AcmeContext(WellKnownServers.LetsEncryptStagingV2, accountKey);
var account = await acme.Account();
See API doc for additional operations.
Order
Place a wildcard certificate order (DNS validation is required for wildcard certificates)
var order = await acme.NewOrder(new[] { "*.your.domain.name" });
Generate the value for DNS TXT record
var authz = (await order.Authorizations()).First();
var dnsChallenge = await authz.Dns();
var dnsTxt = acme.AccountKey.DnsTxt(dnsChallenge.Token);
Add a DNS TXT record to _acme-challenge.your.domain.name
with dnsTxt
value.
For non-wildcard certificate, HTTP challenge is also available
var order = await acme.NewOrder(new[] { "your.domain.name" });
Authorization
Get the token and key authorization string
var authz = (await order.Authorizations()).First();
var httpChallenge = await authz.Http();
var keyAuthz = httpChallenge.KeyAuthz;
Save the key authorization string in a text file,
and upload it to http://your.domain.name/.well-known/acme-challenge/<token>
Validate
Ask the ACME server to validate our domain ownership
await challenge.Validate();
Certificate
Download the certificate once validation is done
var privateKey = KeyFactory.NewKey(KeyAlgorithm.ES256);
var cert = await order.Generate(new CsrInfo
{
CommonName = "your.domain.name",
}, privateKey);
Export full chain certification
var certPem = cert.ToPem();
Export PFX
var pfxBuilder = cert.ToPfx(privateKey);
var pfx = pfxBuilder.Build("my-cert", "abcd1234");
Product | Versions Compatible and additional computed target framework versions. |
---|---|
.NET | net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 is compatible. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. |
.NET Core | netcoreapp2.0 was computed. netcoreapp2.1 was computed. netcoreapp2.2 was computed. netcoreapp3.0 was computed. netcoreapp3.1 was computed. |
.NET Standard | netstandard2.0 is compatible. netstandard2.1 was computed. |
.NET Framework | net461 was computed. net462 was computed. net463 was computed. net47 was computed. net471 was computed. net472 was computed. net48 was computed. net481 was computed. |
MonoAndroid | monoandroid was computed. |
MonoMac | monomac was computed. |
MonoTouch | monotouch was computed. |
Tizen | tizen40 was computed. tizen60 was computed. |
Xamarin.iOS | xamarinios was computed. |
Xamarin.Mac | xamarinmac was computed. |
Xamarin.TVOS | xamarintvos was computed. |
Xamarin.WatchOS | xamarinwatchos was computed. |
-
.NETStandard 2.0
- BouncyCastle.Cryptography (>= 2.4.0)
- Newtonsoft.Json (>= 13.0.3)
-
net7.0
- BouncyCastle.Cryptography (>= 2.4.0)
- Newtonsoft.Json (>= 13.0.3)
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.