An ACME client for the Windows platform.
‼️ NOTE: At present, due to a limitation a dependency on OpenSSL, you must use the 32-bit version of PowerShell for any of the PS modules.
Jump To:
This project implements an ACME client library and PowerShell modules interoperable with the Let's Encrypt ACME CA server reference implemention and includes features comparable to the Let's Encrypt client reference implementation.
The PowerShell modules include installers for configuring:
- IIS 7.0+ either locally or remotely (over PSSession)
- AWS Server Certificates and ELB Listeners
This ACME client implementation is broken up into layers that build upon each other:
- Basic tools and service required for implementing ACME protocol (JSON Web Signature (JWS), persistence, PKI operations via OpenSSL) (.NET assembly)
- A low-level ACME protocol client that can interoperate with a proper ACME server (.NET assembly)
- A PowerShell Module that implements a "local vault" for managing ACME Registrations, Identifiers and Certificates (PS Binary Module)
- A set of PowerShell Modules that implement installers for various servers/services (PS Script Modules)
- IIS Installer
- AWS Installer
- Futuer Installers...
This ACME client is being developed against the Boulder CA ACME server reference implementation. See how to quickly spin up your own instance in AWS on an Amazon Linux AMI.
This client is now operable and can successfully interact with the Let's Encrypt staging CA to initialize new Registrations, authorize DNS Identifiers and issue Certificates. Further, it can succussfully install and configure the certificate and related SSL/TLS settings for a local or remote IIS 7.0+ server or an AWS environment.
The example usage has been moved to its own wiki.