ACMEShell is Python2/3 compatible shell-style client for LetsEncrypt. It's simple tool for anyone who would like to request a SSL certificate.

• acmeshell.py
• also on github

• project renamed from letsencryptshell due to trademark violation

• user friendly (simple shell-style user interface) ... see examples
• script friendly (simple integration into automated scripts) ... see examples
• portable code (compatible with python2 and python3)
• easily auditable (currently less than 1500 rows of code)

acmeshell

By default it creates: home directory: {home}/.acmeshell directory for certificates: {home}/.acmeshell/certs 3072bit master secret-key: {home}/.acmeshell/sk.pem 3072bit master public-key: {home}/.acmeshell/pk.pem

ACMEShell> register https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf {email@address}

ACMEShell> domainchallenge {domain}

... Now It's time to create page http://{domain}/.well-known/acme-challenge/{httptoken_from_challenge} ... or DNS record: _acme-challenge.{domain} 300 IN TXT "{dnstoken_from_challenge}"

ACMEShell> domainconfirm {domain} http
or
ACMEShell> domainconfirm {domain} dns

ACMEShell> certificateget {domain}

It creates: 2048bit RSA or 256bit ECDSA key: {home}/.acmeshell/certs/{domain}.key signed x509 certificate: {home}/.acmeshell/certs/{domain}.crt intermediate certificate: {home}/.acmeshell/certs/{domain}.im

• acmeshell currently depends on openssl binary
• home directory {home}/.acmeshell should be on encrypted filesystem
• acmeshell currently supports only http-01 ACME challege (tls-sni-01 will be added soon)
• acmeshell currently supports RSA(2048bit) and ECDSA(256bit) keys