Letsencrypt implemented as a shell script

I just need something that can do:<p>.&#x2F;something.py account.key domain.key domain.csr -o fullcert.pem<p>acme-tiny is 95% of the way there, but it doesn&#x27;t output the full chain. I may just fork it and add the extra step, but I prefer it in the official client.

A shellscript... and a perl script and the openssl command line binary!

Hey there, author of this thingy here, nice to see that some people like what i&#x27;m wasting my time on ;)<p>Just wanted to let you know that I just pushed a few updates, the code now no longer requires perl, uses the more generic shasum tool, uses base64 in openssl instead of the systems base64 binary, and some more stuff.<p>There are a few more dependencies I want to get rid of, like &#x27;sed&#x27;. But &#x27;openssl&#x27; and &#x27;curl&#x27; will stay as depdencies.<p>I also want to expand this script with the ability to detect changes in the domain config and with a check if a certificate is about to expire so that it can be renewed in a cron-job or something similar.<p>Revocation is another thing that I kinda should look at, for now you&#x27;ll have to do that with one of the other clients that has this option.<p>And thanks to the author of acme-tiny, which kinda inspired me to write this.

Is the lure of letsencrypt that<p>1 it&#x27;s accepted without warning in browsers or<p>2 it lets users ignore learning how to use the openssl binary (or writing their own tools with libssl, polarssl, etc.) to generate ca and site keys, certs, csr&#x27;s, crl&#x27;s, etc., or<p>3 both?<p>Here, the author appears to benefit mainly from 1.<p>Assuming letsencrypt does not do any sort of commercial CA-type &quot;verification&quot; then why do they need to be a CA? Why does one need an account?<p>Answer: browsers clinging to CA system.<p>Why not just get browsers to drop the warnings for self-signed certs?<p>The goal here, I thought, is to facilitate encrypted traffic, not to give a false sense of &quot;authentication&quot;, correct?<p>Encryption and authentication are two different things.<p>Every user should understand that.

Now that&#x27;s something one can use on a server w&#x2F;o python. It&#x27;s obviously harder to use than a fire and forget service, but it broadens the use-cases to simple gear where you don&#x27;t want to run everything (or can&#x27;t).

I thought one of the big intended advantages of letsencrypt was the apache and nginx integrations.

Appreciate the effort. Just skimmed through the code, it seems to depend on perl.<p>It was also a quick refresher on how god damn ugly bash&#x27;s syntax is.