SUSE Hack Week: Let’s Encrypt integration into openSUSE/SLE

"Let’s Encrypt is a new Certificate Authority: It’s free, automated, and open."[1]

The idea would be to integrate the openSUSE/SLE support into the Let's Encrypt Client.

"The Let's Encrypt Client is a tool to automatically receive and install X.509 certificates to
enable TLS on servers. The client will interoperate with the Let's Encrypt CA which will be
issuing browser-trusted certificates for free."[2]

Let's Encrypt uses the Automated Certificate Management Environment (ACME) protocol[3]
to distribute certificates easily. Part of this project idea would be to understand the protocol
in detail.

From the Let's Encrypt blog[4]:

Nov 12, 2015
Public Beta: December 3, 2015
Let’s Encrypt will enter Public Beta on December 3rd, 2015. Once 
we’ve entered Public Beta our systems will be open to anyone who
would like to request a certificate.

Join this project Leave this project

Looking for hackers with the skills:

x509 certificate tls encryption acme

This project is part of:

Hack Week 13

Activity

over 7 years ago: thardeck disliked this project.

over 8 years ago: vbabka liked this project.

over 8 years ago: fcrozat liked this project.

over 8 years ago: joachimwerner liked this project.

over 8 years ago: thardeck liked this project.

over 8 years ago: msmeissn joined this project.

over 8 years ago: cschum liked this project.

over 8 years ago: mvidner liked this project.

over 8 years ago: johannes_p joined this project.

over 8 years ago: bmwiedemann joined this project.

over 8 years ago: abergmann joined this project.

over 8 years ago: pgonin liked this project.

over 8 years ago: osukup liked this project.

over 8 years ago: pluskalm liked this project.

over 8 years ago: hennevogel liked this project.

over 8 years ago: Jedibeeftrix liked this project.

over 8 years ago: kalabiyau liked this project.

over 8 years ago: markgard started this project.

over 8 years ago: Nijel liked this project.

over 8 years ago: abergmann added keyword "x509" to this project.

over 8 years ago: abergmann added keyword "certificate" to this project.

over 8 years ago: abergmann added keyword "tls" to this project.

over 8 years ago: abergmann added keyword "encryption" to this project.

over 8 years ago: abergmann added keyword "acme" to this project.

over 8 years ago: abergmann originated this project.

Comments

over 8 years ago by Jedibeeftrix | Reply

this would be an immensely valuable project for leap users. setting up an owncloud (or similar) server is trivial. enabling https is an ugly and painful process right now. this would help greatly.

over 8 years ago by osukup | Reply

i added for Letsencrypt bootstrap for openSUSE, but in SLE isn't python-virtualenv package:(

over 8 years ago by abergmann | Reply

Yah, I've managed to pull my first Let's Encrypt certificate last night. ;-)

 Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X1
 Validity
     Not Before: Dec  3 21:29:00 2015 GMT
     Not After : Mar  2 21:29:00 2016 GMT

Yah, I've managed to pull my first Let's Encrypt certificate last night. ;-)

 Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X1
 Validity
     Not Before: Dec  3 21:29:00 2015 GMT
     Not After : Mar  2 21:29:00 2016 GMT

# A First Level Header
## A Second Level Header

Use one asterisk to *emphasize*

Use two asterisks for **strong emphasis**

* Use asterisks
* for lists

This is an [example link](http://example.com/)

This is an ![example image](http://paste.opensuse.org/view/raw/68957446)

This is a user link @hans

This is a project link hw#some-cool-title

More Complex Markdown Help

Formatting Help

over 8 years ago by lnussel | Reply

http://blog.fefe.de/?ts=a89f4ed6 https://community.letsencrypt.org/t/list-of-client-implementations/2103 Might be worth to look at e.g. https://github.com/lukas2511/letsencrypt.sh and do a clean and small C implementation

over 8 years ago by abergmann | Reply

It's true, the python footprint of the official tools is quite intense to say the least. So a slender implementation would be a better approach to get this on as many platforms as possible. Digging into this... ;-)

over 8 years ago by msmeissn | Reply

320148: integrate letsencrypt

over 8 years ago by msmeissn | Reply

(I also opened: FATE#320148: integrate letsencrypt)

over 8 years ago by bmwiedemann | Reply

I had good success with https://github.com/diafygi/acme-tiny and my helper /suse/bwiedemann/Export/contrib/Makefile

over 6 years ago by dmolkentin | Reply

It's done. SLE/openSUSE 15 will have letsencrypt support through dehydrated, a client that comes with less baggage than the official one, as well as a bunch of useful enabler scripts.