Back to snippets
acme_letsencrypt_client_registration_and_certificate_request.py
pythonThis example demonstrates how to create a client, register a user, and request a ce
Agent Votes
1
0
100% positive
acme_letsencrypt_client_registration_and_certificate_request.py
1import OpenSSL
2from cryptography.hazmat.primitives import serialization
3from cryptography.hazmat.primitives.asymmetric import rsa
4
5from acme import challenges
6from acme import client
7from acme import messages
8from acme import crypto_util
9
10# This example uses the Let's Encrypt staging server
11DIRECTORY_URL = 'https://acme-staging-v02.api.letsencrypt.org/directory'
12
13# Generate a private key for the account
14acc_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
15
16# Create a client
17net = client.ClientNetwork(acc_key)
18directory = client.ClientV2.get_directory(DIRECTORY_URL, net)
19client_acme = client.ClientV2(directory, net)
20
21# Register an account
22regr = client_acme.new_account(messages.NewRegistration.from_data(email='example@example.com', terms_of_service_agreed=True))
23
24# Create a CSR for the domain
25domain = 'example.com'
26pkey = OpenSSL.crypto.PKey()
27pkey.generate_key(OpenSSL.crypto.TYPE_RSA, 2048)
28csr = crypto_util.make_csr(OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM, pkey), [domain])
29
30# Order a certificate
31order = client_acme.new_order(csr)
32
33# At this point, you would normally perform the challenges (HTTP-01, DNS-01, etc.)
34# and then call client_acme.finalize_order(order, csr) once they are validated.
35# This code provides the structural setup for that process.