Legend:
Library
Module
Module type
Parameter
Class
Class type
Library
Module
Module type
Parameter
Class
Class type
ACME Client.
This module provides client commands. Note: right now this module implements only the strict necessary in order to register an account, solve http-01 challenges provided by the CA, and fetch the certificate. This means that you will be able to maintain your server with this.
type solver = {
typ : [ `Dns | `Http | `Alpn ];
solve_challenge : token:string ->
key_authorization:string ->
[ `host ] Domain_name.t ->
(unit, [ `Msg of string ]) result Lwt.t;
}
val http_solver :
([ `host ] Domain_name.t ->
prefix:string ->
token:string ->
content:string ->
(unit, [ `Msg of string ]) result Lwt.t) ->
solver
http_solver (fun domain ~prefix ~token ~content)
is a solver for http-01 challenges. The provided function should return Ok ()
once the web server at domain
serves content
as prefix/token
: a GET request to http://domain
/prefix
/token
should return content
. The prefix
is ".well-known/acme-challenge".
val print_http : solver
print_http
outputs the HTTP challenge solution, and waits for user input before continuing with ACME.
val alpn_solver :
?key_type:X509.Key_type.t ->
?bits:int ->
([ `host ] Domain_name.t ->
alpn:string ->
X509.Private_key.t ->
X509.Certificate.t ->
(unit, [ `Msg of string ]) result Lwt.t) ->
solver
alpn_solver ~key_type ~bits (fun domain ~alpn private_key certificate)
is a solver for tls-alpn-01 challenges. The provided function should return Ok ()
once the TLS server at domain
serves the self-signed certificate
(with private_key
) under the ALPN alpn
("acme-tls/1"). The key_type
and bits
are used for the self-signed certificate, while bits
is only relevant if key_type
is `RSA (default: RSA with 2048 bits).
val print_alpn : solver
print_alpn
outputs the ALPN challenge solution, and waits for user input before continuing with ACME.