infinityfree / acmecore
Raw implementation of the ACME protocol in PHP
3.1.0
2022-09-27 21:21 UTC
Requires
- php: >=7.2.5
- ext-hash: *
- ext-json: *
- ext-openssl: *
- acmephp/ssl: ^2.0
- guzzlehttp/guzzle: ^6.0|^7.0
- guzzlehttp/psr7: ^1.7|^2.1
- lcobucci/jwt: ^3.3|^4.0
- psr/http-message: ^1.0
- psr/log: ^1.0|^2.0|^3.0
- webmozart/assert: ^1.0
Requires (Dev)
- aws/aws-sdk-php: ^3.38
- league/flysystem: ^1.0.19
- league/flysystem-memory: ^1.0
- phpspec/prophecy: ^1.9
- phpspec/prophecy-phpunit: ^2.0
- phpunit/phpunit: ^9.0
- symfony/console: ^5.0
- symfony/dependency-injection: ^5.0
- symfony/filesystem: ^5.0
- symfony/finder: ^5.0
- symfony/phpunit-bridge: ^5.0
- symfony/var-dumper: ^5.0
- dev-master
- 3.1.0
- 3.0.1
- 3.0.0
- 2.0.1
- 2.0.0
- 1.3.0
- 1.2.0
- 1.1.1
- 1.1.0
- 1.0.1
- 1.0.0
- 1.0.0-beta5
- 1.0.0-beta4
- 1.0.0-beta3
- 1.0.0-beta2
- 1.0.0-beta1
- 1.0.0-alpha10
- 1.0.0-alpha9
- 1.0.0-alpha8
- 1.0.0-alpha4
- 1.0.0-alpha3
- 1.0.0-alpha2
- 1.0.0-alpha
- dev-retrieve-certificate-accepts-header
- dev-error-handling
- dev-updates
- dev-auto-split
- dev-new-doc
This package is auto-updated.
Last update: 2024-09-28 01:59:44 UTC
README
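AcmeCore is a modified version of the Acme PHP Core library.
When to use AcmeCore
AcmeCore is designed to be a straightforward implementation of the Let's Encrypt/ACME protocol that follows library best practices. It has no filesystem dependencies, no integrated scheduler, or anything of that kind. You can integrate it into your own project and handle scheduling and persistence yourself.
Differences from Acme PHP Core
Acme PHP Core is a great library, but it assumes the "happy path" always works: that the CA never returns errors, performs every task quickly, and always returns the expected data. With Let's Encrypt this is usually true, but other CAs may be less stable.
The main differences between this library and Acme PHP Core are:
- Every function on AcmeClient maps to a single step in the ACME process. This leaves you free to call and retry steps at your own pace (for example, retrying certificate retrieval before calling finalize again).
- No more sleep loops. Schedule tasks however you like, and don't tie up a PHP process if you don't want to.
- CertificateOrder now contains the status of the order. Use the reloadOrder function to load the order, check the current order status, and choose the next step to apply.
Documentation
The official Acme PHP documentation mostly still applies. However, the certificate issuance process has changed.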
```php
use AcmePhp\Ssl\CertificateRequest;
use AcmePhp\Ssl\DistinguishedName;
use AcmePhp\Ssl\Generator\KeyPairGenerator;
use AcmePhp\Ssl\Parser\KeyParser;
use AcmePhp\Ssl\Signer\DataSigner;
use GuzzleHttp\Client as GuzzleHttpClient;
// AcmeClient, SecureHttpClientFactory, Base64SafeEncoder and ServerErrorHandler
// are provided by this package; import them from its namespace as well.

$secureHttpClientFactory = new SecureHttpClientFactory(
    new GuzzleHttpClient(),
    new Base64SafeEncoder(),
    new KeyParser(),
    new DataSigner(),
    new ServerErrorHandler()
);

// $accountKeyPair instance of KeyPair
$secureHttpClient = $secureHttpClientFactory->createSecureHttpClient($accountKeyPair);

// Important, change to production LE directory for real certs!
$acmeClient = new AcmeClient($secureHttpClient, 'https://acme-staging-v02.api.letsencrypt.org/directory');

// Request a certificate for mydomain.com.
$certificateOrder = $acmeClient->requestOrder('mydomain.com');

// Retrieve the challenges to complete for mydomain.com.
$challenges = $certificateOrder->getAuthorizationChallenges('mydomain.com');

// Now complete the challenge for the domain.
// Find the challenge object for the verification type you want to do, e.g. http-01, dns-01.
$challenge = $challenges[0];

// Ask the CA to confirm the authorization.
$challenge = $acmeClient->challengeAuthorization($challenge);

// Wait for the CA to complete the authorization.
// This example uses a sleep loop, but you can schedule your own.
while ($challenge->getStatus() != 'ready') {
    sleep(1);
    $challenge = $acmeClient->reloadAuthorization($challenge);
}

// Prepare the CSR
$dn = new DistinguishedName('mydomain.com');
$keyPairGenerator = new KeyPairGenerator();

// Make a new key pair. We'll keep the private key as our cert key
$domainKeyPair = $keyPairGenerator->generateKeyPair();

// This is the private key; store it securely.
echo $domainKeyPair->getPrivateKey()->getPem();

// Generate CSR
$csr = new CertificateRequest($dn, $domainKeyPair);

// Tell the CA to generate the certificate.
$certificateOrder = $acmeClient->finalizeOrder($certificateOrder, $csr);

// Wait for the CA to complete the issuance.
// This example uses a sleep loop, but you can schedule your own.
while ($certificateOrder->getStatus() != 'issued') {
    sleep(1);
    $certificateOrder = $acmeClient->reloadOrder($certificateOrder->getOrderEndpoint());
}

// Retrieve the generated certificate.
$certificate = $acmeClient->retrieveCertificate($certificateOrder);

// This is the generated certificate.
echo $certificate->getPem();
```
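The "no more sleep loops" point from the list of differences, as an added example that is not part of AcmeCore: one scheduler tick calls reloadOrder once, retrieves the certificate when the order status is 'issued', and otherwise records the error and sets a capped backoff. The issuanceTick function, the $job record, the fake client and the 'processing' status are assumptions made for illustration; only reloadOrder, getStatus, retrieveCertificate, getPem and the 'issued' status are taken from this page.

```php
<?php
// Added example (not AcmeCore code): one scheduler tick replaces the sleep loop.
// $job is a hypothetical record persisted between ticks (DB row, queue message).
function issuanceTick($acmeClient, array $job, int $now, int $maxAttempts = 10): array
{
    $job['attempts']++;
    $job['lastError'] = null;
    try {
        $order = $acmeClient->reloadOrder($job['endpoint']); // a single ACME step
        if ($order->getStatus() === 'issued') {
            $job['pem'] = $acmeClient->retrieveCertificate($order)->getPem();
            $job['state'] = 'done';
            return $job;
        }
        $job['lastError'] = 'order status: ' . $order->getStatus();
    } catch (\Throwable $e) {
        // An unstable CA may time out or return an error: record it, retry later.
        $job['lastError'] = $e->getMessage();
    }
    if ($job['attempts'] >= $maxAttempts) {
        $job['state'] = 'failed'; // stop polling and alert an operator
    } else {
        $job['state'] = 'retry';
        $job['runAfter'] = $now + min(300, 2 ** $job['attempts']); // capped backoff
    }
    return $job;
}

// Constructed stand-in for AcmeClient (runs offline): errors once, then a
// non-final status (constructed value 'processing'), then 'issued'.
$fakeClient = new class {
    private $calls = 0;
    public function reloadOrder(string $endpoint) {
        if (++$this->calls === 1) { throw new \RuntimeException('CA returned HTTP 503'); }
        return new class($this->calls < 3 ? 'processing' : 'issued') {
            private $s;
            public function __construct($s) { $this->s = $s; }
            public function getStatus() { return $this->s; }
        };
    }
    public function retrieveCertificate($order) {
        return new class { public function getPem() { return '(constructed PEM)'; } };
    }
};
$job = ['endpoint' => 'https://ca.example/order/1', 'attempts' => 0, 'state' => 'retry'];
while ($job['state'] === 'retry') { // stands in for a scheduler honouring runAfter
    $job = issuanceTick($fakeClient, $job, time());
    echo $job['attempts'], ': ', $job['state'], ' ', $job['lastError'] ?? '', "\n";
}
```

In a real deployment the loop at the bottom is replaced by your own scheduler (cron, queue worker), which stores $job and calls issuanceTick again only once runAfter has passed.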
Launch the test suite
The Acme PHP test suite is located in the main repository: https://github.com/acmephp/acmephp#launch-the-test-suite.