SUSE Hack Week: Let’s Encrypt integration into openSUSE/SLE

"Let’s Encrypt is a new Certificate Authority: It’s free, automated, and open."[1]

The idea would be to integrate the openSUSE/SLE support into the Let's Encrypt Client.

"The Let's Encrypt Client is a tool to automatically receive and install X.509 certificates to<br> enable TLS on servers. The client will interoperate with the Let's Encrypt CA which will be<br> issuing browser-trusted certificates for free."[2]

Let's Encrypt uses the Automated Certificate Management Environment (ACME) protocol[3]<br> to distribute certificates easily. Part of this project idea would be to understand the protocol<br> in detail.

From the Let's Encrypt blog[4]:

Nov 12, 2015 Public Beta: December 3, 2015 Let’s Encrypt will enter Public Beta on December 3rd, 2015. Once we’ve entered Public Beta our systems will be open to anyone who would like to request a certificate.

Join this project Leave this project

Looking for hackers with the skills:

x509 certificate tls encryption acme

This project is part of:

Hack Week 13

Activity

over 6 years ago: thardeck disliked this project.

over 7 years ago: vbabka liked this project.

over 7 years ago: fcrozat liked this project.

over 7 years ago: joachimwerner liked this project.

over 7 years ago: thardeck liked this project.

over 7 years ago: msmeissn joined this project.

over 7 years ago: cschum liked this project.

over 7 years ago: mvidner liked this project.

over 7 years ago: johannes_p joined this project.

over 7 years ago: bmwiedemann joined this project.

over 7 years ago: abergmann joined this project.

over 7 years ago: pgonin liked this project.

over 7 years ago: osukup liked this project.

over 7 years ago: pluskalm liked this project.

over 7 years ago: hennevogel liked this project.

over 7 years ago: Jedibeeftrix liked this project.

over 7 years ago: kalabiyau liked this project.

over 7 years ago: markgard started this project.

over 7 years ago: Nijel liked this project.

over 7 years ago: abergmann added keyword "x509" to this project.

over 7 years ago: abergmann added keyword "certificate" to this project.

over 7 years ago: abergmann added keyword "tls" to this project.

over 7 years ago: abergmann added keyword "encryption" to this project.

over 7 years ago: abergmann added keyword "acme" to this project.

over 7 years ago: abergmann originated this project.

Comments

over 7 years ago by Jedibeeftrix | Reply

this would be an immensely valuable project for leap users. setting up an owncloud (or similar) server is trivial. enabling https is an ugly and painful process right now. this would help greatly.

over 7 years ago by osukup | Reply

i added for Letsencrypt bootstrap for openSUSE, but in SLE isn't python-virtualenv package:(

over 7 years ago by abergmann | Reply

Yah, I've managed to pull my first Let's Encrypt certificate last night. ;-)

Issuer: C=US, O=Let's Encrypt, CN=Let's Encrypt Authority X1 Validity Not Before: Dec 3 21:29:00 2015 GMT Not After : Mar 2 21:29:00 2016 GMT

over 7 years ago by lnussel | Reply

http://blog.fefe.de/?ts=a89f4ed6 https://community.letsencrypt.org/t/list-of-client-implementations/2103 Might be worth to look at e.g. https://github.com/lukas2511/letsencrypt.sh and do a clean and small C implementation

over 7 years ago by abergmann | Reply

It's true, the python footprint of the official tools is quite intense to say the least. So a slender implementation would be a better approach to get this on as many platforms as possible. Digging into this... ;-)

over 7 years ago by msmeissn | Reply

320148: integrate letsencrypt

over 7 years ago by msmeissn | Reply

(I also opened: FATE#320148: integrate letsencrypt)

over 7 years ago by bmwiedemann | Reply

I had good success with https://github.com/diafygi/acme-tiny and my helper /suse/bwiedemann/Export/contrib/Makefile

over 5 years ago by dmolkentin | Reply

It's done. SLE/openSUSE 15 will have letsencrypt support through dehydrated, a client that comes with less baggage than the official one, as well as a bunch of useful enabler scripts.