certbot

mirror of https://github.com/certbot/certbot.git synced 2026-02-18 18:17:52 -05:00

Certificats Let's Encrypt

Find a file

Peter Eckersley d4542d607e Update plugin docs, especially webroot for -w		2015-11-25 12:59:16 -08:00
acme	Quikfix	2015-11-24 16:04:00 -05:00
bootstrap	Fix typos found by codespell	2015-11-18 22:41:39 +01:00
docs	Update plugin docs, especially webroot for -w	2015-11-25 12:59:16 -08:00
examples	tls-sni-01 for standalone	2015-11-07 18:24:17 +00:00
letsencrypt	Remove Content-Type checks from http-01	2015-11-24 09:54:33 +01:00
letsencrypt-apache	Merge pull request #1603 from letsencrypt/reload	2015-11-24 08:20:01 -08:00
letsencrypt-compatibility-test	Set domains to None to satisfy sanity checks	2015-11-20 16:15:50 -08:00
letsencrypt-nginx	Merge pull request #1462 from sieben/dict_litteral	2015-11-18 18:22:45 -08:00
letshelp-letsencrypt	pep8 for docs/conf.py	2015-11-07 19:36:08 +00:00
tests	Merge pull request #1524 from letsencrypt/email	2015-11-20 19:16:02 -08:00
tools	Always use the specified GPG for signing everything.	2015-11-18 14:26:01 -08:00
.dockerignore	Update ignore files to remove shared tox.venv	2015-07-12 15:30:51 +00:00
.gitattributes	Add gitattributes file to mark bat file as CRLF	2015-10-27 22:53:20 +01:00
.gitignore	Simple dev release script	2015-09-27 16:12:50 +00:00
.pep8	nit: fix missing EOF newline	2015-09-06 09:27:39 +00:00
.pylintrc	Merge branch 'verb-arguments'	2015-11-02 17:36:45 -08:00
.travis.yml	use boulder's integration-test.py	2015-11-13 12:39:29 -08:00
CHANGES.rst	Update references after repo rename.	2015-06-24 04:56:31 +00:00
CONTRIBUTING.md	HTTPS ReadTheDocs link in CONTRIBUTING.md	2015-03-22 22:30:57 +00:00
DISCLAIMER	--agree-dev-preview	2015-10-20 19:33:27 +00:00
docker-compose.yml	Use a discrete path for venv in docker, rather than /opt/letsencrypt.	2015-05-19 17:39:53 -07:00
Dockerfile	Merge pull request #1375 from johnl/1374-docker-symlink-bug-workaround	2015-11-10 17:54:36 -08:00
Dockerfile-dev	Merge pull request #1375 from johnl/1374-docker-symlink-bug-workaround	2015-11-10 17:54:36 -08:00
letsencrypt-auto	letsencrypt-auto: Remove nginx plugin and letshelp to keep the same behavior as the virtualenv way	2015-11-21 10:40:20 +08:00
LICENSE.txt	Make sure the LICENSE file is accurate for first pre-relase	2015-09-30 19:23:17 -07:00
linter_plugin.py	acme.jose: (Typed)JSONObjectWithFields, Field, JWA.	2015-03-18 14:10:28 +00:00
MANIFEST.in	requirements.txt: rename to py26reqs.txt and remove it from deps where possible.	2015-10-31 12:22:42 +00:00
pep8.travis.sh	Travis: no fail on pep8	2015-09-11 07:12:49 +00:00
py26reqs.txt	requirements.txt: rename to py26reqs.txt and remove it from deps where possible.	2015-10-31 12:22:42 +00:00
README.rst	Update readme to reflect current commands	2015-11-13 08:15:09 +00:00
readthedocs.org.requirements.txt	RTD: install local deps for subpkgs (fixes #1086 ).	2015-10-23 19:01:13 +00:00
setup.cfg	Merge branch 'bugs/402' into pkgs_sep_prep	2015-05-10 17:56:41 +00:00
setup.py	Merge remote-tracking branch 'github/letsencrypt/master' into py2.6-3	2015-10-17 07:28:04 +00:00
tox.cover.sh	Bump core coverage to 98%	2015-10-06 18:58:06 +00:00
tox.ini	Update tox.ini to run acme tests with Python 3.5	2015-11-14 21:09:03 +08:00
Vagrantfile	Vagrantfile: use recommended bootstrap scripts for provisioning	2015-10-27 17:34:18 -05:00

README.rst

.. notice for github users

Disclaimer
==========

This is a **DEVELOPER PREVIEW** intended for developers and testers only.

**DO NOT RUN THIS CODE ON A PRODUCTION SERVER. IT WILL INSTALL CERTIFICATES
SIGNED BY A TEST CA, AND WILL CAUSE CERT WARNINGS FOR USERS.**

Browser-trusted certificates will be available in the coming months.

For more information regarding the status of the project, please see
https://letsencrypt.org. Be sure to checkout the
`Frequently Asked Questions (FAQ) <https://community.letsencrypt.org/t/frequently-asked-questions-faq/26#topic-title>`_.

About the Let's Encrypt Client
==============================

|build-status| |coverage| |docs| |container|

In short: getting and installing SSL/TLS certificates made easy (`watch demo video`_).

The Let's Encrypt Client is a tool to automatically receive and install
X.509 certificates to enable TLS on servers. The client will
interoperate with the Let's Encrypt CA which will be issuing browser-trusted
certificates for free.

It's all automated:

* The tool will prove domain control to the CA and submit a CSR (Certificate
  Signing Request).
* If domain control has been proven, a certificate will get issued and the tool
  will automatically install it.

All you need to do to sign a single domain is::

  user@www:~$ sudo letsencrypt -d www.example.org certonly

For multiple domains (SAN) use::

  user@www:~$ sudo letsencrypt -d www.example.org -d example.org certonly

and if you have a compatible web server (Apache or Nginx), Let's Encrypt can
not only get a new certificate, but also deploy it and configure your
server automatically!::

  user@www:~$ sudo letsencrypt -d www.example.org run


**Encrypt ALL the things!**


.. |build-status| image:: https://travis-ci.org/letsencrypt/letsencrypt.svg?branch=master
   :target: https://travis-ci.org/letsencrypt/letsencrypt
   :alt: Travis CI status

.. |coverage| image:: https://coveralls.io/repos/letsencrypt/letsencrypt/badge.svg?branch=master
   :target: https://coveralls.io/r/letsencrypt/letsencrypt
   :alt: Coverage status

.. |docs| image:: https://readthedocs.org/projects/letsencrypt/badge/
   :target: https://readthedocs.org/projects/letsencrypt/
   :alt: Documentation status

.. |container| image:: https://quay.io/repository/letsencrypt/letsencrypt/status
   :target: https://quay.io/repository/letsencrypt/letsencrypt
   :alt: Docker Repository on Quay.io

.. _`installation instructions`:
   https://letsencrypt.readthedocs.org/en/latest/using.html

.. _watch demo video: https://www.youtube.com/watch?v=Gas_sSB-5SU


Current Features
----------------

* Supports multiple web servers:

  - apache/2.x (tested and working on Ubuntu Linux)
  - nginx/0.8.48+ (under development)
  - standalone (runs its own simple webserver to prove you control a domain)

* The private key is generated locally on your system.
* Can talk to the Let's Encrypt (demo) CA or optionally to other ACME
  compliant services.
* Can get domain-validated (DV) certificates.
* Can revoke certificates.
* Adjustable RSA key bit-length (2048 (default), 4096, ...).
* Can optionally install a http -> https redirect, so your site effectively
  runs https only (Apache only)
* Fully automated.
* Configuration changes are logged and can be reverted.
* Text and ncurses UI.
* Free and Open Source Software, made with Python.


Installation Instructions
-------------------------

Official **documentation**, including `installation instructions`_, is
available at https://letsencrypt.readthedocs.org.


Links
-----

Documentation: https://letsencrypt.readthedocs.org

Software project: https://github.com/letsencrypt/letsencrypt

Notes for developers: https://letsencrypt.readthedocs.org/en/latest/contributing.html

Main Website: https://letsencrypt.org/

IRC Channel: #letsencrypt on `Freenode`_

Community: https://community.letsencrypt.org

Mailing list: `client-dev`_ (to subscribe without a Google account, send an
email to client-dev+subscribe@letsencrypt.org)

.. _Freenode: https://freenode.net
.. _client-dev: https://groups.google.com/a/letsencrypt.org/forum/#!forum/client-dev