caddyserver / certmagic

Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal
https://pkg.go.dev/github.com/caddyserver/certmagic?tab=doc
Apache License 2.0

How to manually issue a certificate #276

Closed devhaozi closed 6 months ago

devhaozi commented 6 months ago

What is your question?

Hello, I am planning to use this package to replace go-acme/lego, but I don't know how to manually issue the certificate like lego:

// code to get a lego.Client

// Serve HTTP-01 challenge files from the existing nginx webroot.
httpProvider, err := webroot.NewHTTPProvider("path/to/nginx/wwwroot")
if err != nil {
    return err
}

err = client.Challenge.SetHTTP01Provider(httpProvider)
if err != nil {
    return err
}

request := certificate.ObtainRequest{
    Domains:    domains,
    Bundle:     true,
    MustStaple: false,
}

// Run the ACME order and return the issued certificate bundle.
certificates, err := client.Certificate.Obtain(request)
if err != nil {
    return err
}

I only need to issue the certificate and do not use domain on this issuance process, can you give me a demo similar to lego?

What have you already tried?

I tried looking through the README and issue lists, and found the GetACMEChallenge method, but I don't know how to use it.

Include any other information or discussion.

The code I wrote using go-acme/lego is here: https://github.com/TheTNB/panel/blob/main/pkg/acme/client.go

Bonus: What do you use this package for, and does it help you?

When using certmagic to replace lego, dozens of dependent packages will be deleted from my go.mod.

mholt commented 6 months ago

Ah I think you want ACMEz, which is the package CertMagic uses under the hood!

Here's an example you can run with pebble: https://github.com/mholt/acmez/blob/master/examples/porcelain/main.go

Edit: But if you want to use all of CertMagic's features, you can call ManageSync() or ManageAsync() depending on whether you need to block or not:

https://pkg.go.dev/github.com/caddyserver/certmagic#Config.ManageSync

Manage* will cause CertMagic to obtain a certificate if necessary; and just keep it renewed while running.

devhaozi commented 6 months ago

Thanks, I will try.

mholt commented 6 months ago

I guess you can also use the ObtainCert*() methods directly: https://pkg.go.dev/github.com/caddyserver/certmagic#Config.ObtainCertSync
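
For readers moving a webroot setup like the one in the question: an added example, not code from this thread, CertMagic, ACMEz or lego, of what a webroot HTTP-01 presenter does per RFC 8555, including the token check that keeps a challenge file inside the webroot. It uses only the Go standard library; `Present`, `Thumbprint` and the sample token are hypothetical names and constructed values.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"os"
	"path/filepath"
	"regexp"
)

// RFC 8555 section 8.3: challenge tokens use only the base64url alphabet.
var tokenRE = regexp.MustCompile(`^[A-Za-z0-9_-]+$`)

// Thumbprint returns the RFC 7638 SHA-256 thumbprint of a P-256 account key.
func Thumbprint(pub *ecdsa.PublicKey) string {
	b64 := base64.RawURLEncoding.EncodeToString
	x, y := pub.X.FillBytes(make([]byte, 32)), pub.Y.FillBytes(make([]byte, 32))
	jwk := fmt.Sprintf(`{"crv":"P-256","kty":"EC","x":"%s","y":"%s"}`, b64(x), b64(y))
	sum := sha256.Sum256([]byte(jwk))
	return b64(sum[:])
}

// Present writes the key authorization under the webroot and returns its path.
func Present(webroot, token string, pub *ecdsa.PublicKey) (string, error) {
	if !tokenRE.MatchString(token) { // refuses "../", "/", and empty tokens
		return "", fmt.Errorf("invalid challenge token %q", token)
	}
	dir := filepath.Join(webroot, ".well-known", "acme-challenge")
	if err := os.MkdirAll(dir, 0o755); err != nil {
		return "", err
	}
	p := filepath.Join(dir, token)
	return p, os.WriteFile(p, []byte(token+"."+Thumbprint(pub)), 0o644)
}

func main() {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // constructed account key
	root, _ := os.MkdirTemp("", "webroot")                    // constructed webroot
	defer os.RemoveAll(root)
	fmt.Println(Present(root, "constructed-token_123", &key.PublicKey))
	fmt.Println(Present(root, "../../etc/passwd", &key.PublicKey)) // refused
}
```

The CA fetches `http://<domain>/.well-known/acme-challenge/<token>` and compares the body with the key authorization, so the web server must serve that directory from the same webroot.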