[ Источник: lacme ]
Пакет: lacme (0.8.2-1+deb12u1)
Ссылки для lacme
Ресурсы Debian:
- Сообщения об ошибках
- Developer Information
- Debian журнал изменений
- Файл авторских прав
- Отслеживание заплат Debian
Исходный код lacme:
Сопровождающий:
Внешние ресурсы:
- Сайт [git.guilhem.org]
Подобные пакеты:
ACME client written with process isolation and minimal privileges in mind
lacme is an ACME client which can be used to request X.509 certificates from ACME service providers such as Let's Encrypt or ZeroSSL. The architecture is divided into four components, each with its own executable:
* A process to manage the account key and issue SHA-256 signatures needed for each ACME command. (This process binds to a UNIX-domain socket to reply to signature requests from the ACME client.) One can use the UNIX-domain socket forwarding facility of OpenSSH 6.7 and later to run this process on a different host.
* A "master" process, which runs as root and is the only component with access to the private key material of the server keys. It is used to fork the ACME client (and optionally the ACME webserver) after dropping root privileges. For certificate issuances, it also generates Certificate Signing Requests, then verifies the validity of the issued certificate, and optionally reloads or restarts services.
* An actual ACME client, which builds ACME commands and dialogues with the remote ACME server. Since ACME commands need to be signed with the account key, the "master" process passes the UNIX-domain socket of the account key manager to the ACME client: data signatures are requested by writing the data to be signed to the socket.
* For certificate issuances, an optional webserver, which is spawned by the "master" process when no service is listening on the HTTP port. (The only challenge type currently supported is "http-01", which requires a webserver to answer challenges.) That webserver only processes GET and HEAD requests under the "/.well-known/acme-challenge/" URI. By default some iptables(8) rules are automatically installed to open the HTTP port, and removed afterwards.
Другие пакеты, относящиеся к lacme
|
|
|
|
-
- dep: adduser
- добавление и удаление пользователей и групп
-
- dep: libconfig-tiny-perl
- Read/Write .ini style files with as little code as possible
-
- dep: libjson-perl
- module for manipulating JSON-formatted data
-
- dep: libnet-ssleay-perl
- Perl module for Secure Sockets Layer (SSL)
-
- dep: libtimedate-perl
- collection of modules to manipulate date/time information
-
- dep: libwww-perl
- простой и надёжный интерфейс для Всемирной паутины
-
- dep: openssl (>= 1.1.0~)
- инструменты протокола защищённых сокетов — криптографические утилиты
-
- dep: perl
- практический язык Ларри Уолла для извлечения данных и составления отчётов
-
- rec: lacme-accountd (>= 0.8.0)
- lacme account key manager
-
- rec: liblwp-protocol-https-perl
- HTTPS driver for LWP::UserAgent
Загрузка lacme
Архитектура | Размер пакета | В установленном виде | Файлы |
---|---|---|---|
all | 47,9 Кб | 138,0 Кб | [список файлов] |