Support for ACME/letsencrypt.org

[eliasp]

I think an important factor for the adoption of ACME which will be used by the Let's Encrypt initiative is the support for ACME in config management tools as otherwise people need to rely on the tools provided by "Let's Encrypt" which will lead to conflicts between the tools and config management processes.

So I'd like to suggest to add execution and state modules for the ACME protocol. The modules could possibly transparently extend the existing x509 modules.

[arnisoph]

+1

[jochumdev]

+1

[phryneas]

+1

[phryneas]

any more on this?

[Jonher937]

+1

[kevinquinnyo]

+1

[eliasp]

Some (hopefully) useful references, in case anyone starts working on an implementation:

• diafygi/acme-tiny - minimal Python implementation
• the "upstream" implementation of ACME bundled in the "letsencrypt" package/client - Python
• hlandau/acme - a Go based implementation of the client + protocol

[notpeter]

https://github.com/saltstack-formulas/letsencrypt-formula

[anitakrueger]

+1

[The-Loeki]

First drop of code utilizing the letsencrypt-auto client, we'll have to wait for the ACME API PIP to crystallize out a bit before we can use that.