search

AMEST / DotNetCertBot

certbot issue certificate for tk, ml, cf (freenom) domains by freenom or cloudflare dns challenge. Freenom DNS. Cloudflare DNS ACME challenge
https://certbot.nb-47.ml
The Unlicense
14 stars 3 forks source link

Generate ACME Certificate #5

Open tengfong00 opened 2 years ago

tengfong00 commented 2 years ago

Is it possible to generate a acme certificate (acme.json) rather than .pem and .key file?

AMEST commented 2 years ago

Purely theoretically, it is possible to make an alternative output in acme.json. If it looks something like this (indicated below), then in principle all the data is there and such a file can be generated.

{
  "Account": {
    "Email": "your@emmail.com",
    "Registration": {
      "body": {
        "status": "valid",
        "contact": [
          "mailto:your@emmail.com"
        ]
      },
      "uri": "https://acme-v02.api.letsencrypt.org/acme/acct/XXXX"
    },
    "PrivateKey": "xxxx",
    "KeyType": "2048"
  },
  "Certificates": [
    {
      "Domain": {
        "Main": "domain.com",
        "SANs": ["san.domain.com"]
      },
      "Certificate": "xxx",
      "Key": "xxx"
    }
  ],
  "HTTPChallenges": null,
  "TLSChallenges": {}
}
tengfong00 commented 2 years ago

Got it, previously I wanted to use the free domain(.tk) to get a subdomain SSL wild card using Traefik. Traefik connects to the service provider (ex: Cloudflare) and generates the ACME Certificate. But since Cloudflare doesn't support free domain DNS records, I can't get the certificate. I thought I could generate an ACME Certificate on my own and get the job done. Nevertheless, I gave up to use the free domain and buy a domain to settle my issue. Thank you AMEST for helping me!