ContextQMD
Back to Lego

Lego

docs/content/_index.md

4.35.21.5 KB
Original Source

Let's Encrypt client and ACME library written in Go.

{{% notice important %}} lego is an independent, free, and open-source project, if you value it, consider supporting it! ❤️

This project is not owned by a company. I'm not an employee of a company.

I don't have gifted domains/accounts from DNS companies.

I've been maintaining it for about 10 years. {{% /notice %}}

Features

  • ACME v2 RFC 8555
    • Support RFC 8737: TLS Application‑Layer Protocol Negotiation (ALPN) Challenge Extension
    • Support RFC 8738: issues certificates for IP addresses
    • Support RFC 9773: Renewal Information (ARI) Extension
    • Support draft-ietf-acme-profiles-00: Profiles Extension
  • Comes with about [180 DNS providers]({{% ref "dns" %}})
  • Register with CA
  • Obtain certificates, both from scratch or with an existing CSR
  • Renew certificates
  • Revoke certificates
  • Robust implementation of ACME challenges:
    • HTTP (http-01)
    • DNS (dns-01)
    • TLS (tls-alpn-01)
  • SAN certificate support
  • CNAME support by default
  • [Custom challenge solvers]({{% ref "usage/library/Writing-a-Challenge-Solver" %}})
  • Certificate bundling
  • OCSP helper function