ACME Client Implementations

Cause when you fail, somebody has to laugh at you

Let’s Encrypt is a free, automated, and open Certificate Authority. That means ...

In the spirit of Web Hosting who support Let's Encrypt and CDN Providers who support Let's Encrypt, I wanted to compile a list of DNS providers that feature a workflow (e.g. an API and existing ACME client integrations) that is a good fit for Let's Encrypt's DNS validation. It should serve as a signpost for those who want to use DNS validation (wildcards, firewall problems) and are looking for an automatic solution. FYI: The DNS hosts listed here are ones that are confirmed to support automate...

Media over QUIC: Setting up TLS is a pain, but it's a requirement for HTTPS. QUIC and WebTransport introduce even more pain. We like pain, right?

Introduction Serverless and managed things are the best choices if you don’t want to deal with infrastructure (3 2 1: fight) buuuuut…even immutable things are not so bad for this purpose - at least, if they are immutable for real 🤣 Today I wanna talk about a useful way to run an instance(s) of VSC server in AWS and code from everywhere (yes, even your iPad): let’s start! This time I will go native: so no CDK, I’m sorry, but pure Cloudformation instead. If you are not interested in all the astonishing things I have to say, you can find the template here.

Introduction This is a repost of an old article - that actually also inspired my talk of the last year at FullStackConf2019 :) Serverless and managed things are the best choices if you don’t want to deal with infrastructure (3 2 1: fight) buuuuut…even immutable things are not so bad for this purpose - at least, if they are immutable for real 🤣 Today I wanna talk about a useful way to run an instance(s) of VSC server in AWS and code from everywhere (yes, even your iPad): let’s start!

Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs - dani-garcia/vaultwarden

Today we’re happy to announce the availability of our ACME v2 production endpoint. This is a technical post with some details about the v2 API intended for ACME client developers. End users can begin issuing trusted, production ready certificates with their ACME v2 compatible clients using the following directory URL: https://acme-v02.api.letsencrypt.org/directory Remember: You must use an ACME v2 compatible client to access this endpoint. Please consult our list of ACME v2 compatible clients....

Find out if your site needs HTTPS.

We’re pleased to announce that ACMEv2 and wildcard certificate support is live! With today’s new features we’re continuing to break down barriers for HTTPS adoption across the Web by making it even easier for every website to get and manage certificates. ACMEv2 is an updated version of our ACME protocol which has gone through the IETF standards process, taking into account feedback from industry experts and other organizations that might want to use the ACME protocol for certificate issuance an...

To obtain a Let’s Encrypt certificate, you have to prove that you control the domain name(s) the certificate will cover. The simplest and most common way to do this involves placing a special file at a special URL on your website, which Let’s Encrypt then checks by making an HTTP request to your server on port 80. Most popular ACME clients such as Certbot can easily automate this domain validation method. Unfortunately, this doesn’t work in the case where port 80 is closed.

It’s always recommended to view web pages through HTTPS connections, even it’s just a static HTML page. So, as a content provider, it’s my duty to host websites with HTTPS. To enable HTTPS on the web server like Apache or Nginx, valid certificates are required. In my case, I have bought and configured a domain name on Gandi.net for my home cluster. It’s better to have different certificates for each service than having a single wildcard certificate for all the services due to security concerns. However, I still use wildcard certificate for one reason (I’ll talk about it later). So in this article I’m going to explain how to get TLS wildcard certificates with Let’s Encrypt using DNS validation.

ACME, a brief history of one of the protocols which has changed the Internet Security Changelog 03 December 2025: article announced on Mastodon, LinkedIn and X. 03 December 2025: J.C. Jones published his reflections about 10 years of Let’s Encrypt. A must read! 03 December 2025: J.C. has also been kind enough to announce this article on Hacker News. It makes it jump in the TOP 25 on the HN homepage and in stats (31k reads after 24h, 45k after 15d) 💚 04 December 2025: add a link to the ACME website of Fabien Hochstrasser.

A programmer's blog with posts about Ruby, web development, algorithms and data structure.

Let's Encrypt provides free SSL certificates, which is awesome, and a free tool to automatically verify domain ownership and install the c...

Today, nearly two percent of all TLS 1.3 connections established with Cloudflare are secured with post-quantum cryptography. What once was the topic of futuristic tech demos will soon be the new security baseline for the Internet. In this blog post we’ll take measure of where we are now in early 2024, what to expect for the coming years, and what you can do today.