Posh-ACME

3.0.0

ACMEv2 protocol client for generating certificates using Let's Encrypt (or other ACMEv2 compliant CA)

Minimum PowerShell version

5.1

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Module -Name Posh-ACME -RequiredVersion 3.0.0

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deloy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Author(s)

Ryan Bolger

Copyright

(c) 2018 Ryan Bolger. All rights reserved.

Owners

Tags

LetsEncrypt ssl tls certificates acme Linux Mac

Functions

Get-DnsPluginHelp Get-DnsPlugins Get-KeyAuthorization Get-PAAccount Get-PAAuthorizations Get-PACertificate Get-PAOrder Get-PAServer New-PAAccount New-PACertificate New-PAOrder Publish-DnsChallenge Remove-PAAccount Remove-PAOrder Save-DnsChallenge Send-ChallengeAck Set-PAAccount Set-PAOrder Set-PAServer Submit-ChallengeValidation Submit-OrderFinalize Submit-Renewal Unpublish-DnsChallenge

PSEditions

Desktop Core

Dependencies

This module has no dependencies.

Release Notes

## 3.0.0 (2018-11-13)

* Potentially breaking changes
 * Many ACME protocol messages that previously used GET requests have been changed to POST-as-GET to comply with the latest ACME draft-16. Let's Encrypt already supports the new draft, but other ACME servers may not yet.
 * `CertIssueTimeout` param was removed from `New-PACertificate` and `Submit-OrderFinalize` because it wasn't actually being used properly in the former and doesn't seem necessary anymore.
* New Feature: Generate certs from an existing certificate request which can be useful for appliances that generate their own keys and CSRs. (Thanks @virot)
 * New `CSRPath` parameter on `New-PACertificate` and `New-PAOrder` that removes the need for `Domain`, `CertKeyLength`, `NewCertKey`, `OCSPMustStaple`, `FriendlyName`, `PfxPass`, and `Install` parameters when used. Most values will be extracted from the CSR.
 * Certs generated using this method will not have PFX files created because there is no private key.
 * Certs generated using this method can not be automatically installed to the Windows cert store because there are no PFX files.
* `Get-KeyAuthorization` now has `ForDNS` parameter which returns the actual TXT value necessary for the dns-01 challenge. (Thanks @chandan1001)
* Added new DNS plugins
 * IBMSoftLayer (IBM Cloud DNS)
 * AutoDNS (InternetX XML Gateway)
* Fix for some validation params not getting set properly on new instances of old orders
* Fix for Windows plugin not using `$dnsParams` appropriately (Thanks @B4dM4n)

Version History

Version Downloads Last updated
3.8.0 2,649 9/27/2019
3.7.0 1,038 9/18/2019
3.6.0 2,258 8/20/2019
3.5.0 3,171 6/21/2019
3.4.0 1,933 4/30/2019
3.3.0 947 3/24/2019
3.2.1 547 3/4/2019
3.2.0 1,250 1/22/2019
3.1.1 495 12/22/2018
3.1.0 91 12/16/2018
3.0.1 308 11/30/2018
3.0.0 (current version) 332 11/13/2018
2.9.1 397 10/26/2018
2.9.0 342 10/6/2018
2.8.0 438 9/12/2018
2.7.1 318 8/30/2018
2.7.0 271 8/12/2018
2.6.0 100 8/1/2018
2.5.0 280 7/12/2018
2.4.0 392 6/1/2018
2.3.0 23 5/29/2018
2.2.0 61 5/24/2018
2.1.1 48 5/19/2018
2.1.0 24 5/18/2018
2.0.1 206 5/13/2018
2.0 18 5/12/2018
1.1 62 5/2/2018
1.0 7 4/28/2018
Show less