CONSFIGURATOR.PROPERTY.LETS-ENCRYPT

API reference

General

Property: LETS-ENCRYPT:INSTALLED

(lets-encrypt:installed)

Class: LETS-ENCRYPT:AGREE-TOS

Object representing your agreement with the Let’s Encrypt Subscriber Agreement; you will need to pass this to properties which will invoke the Let’s Encrypt client. Supply an e-mail address so that Let’s Encrypt can contact you for things like certificate expiry, planned outage notifications etc.

Macro: LETS-ENCRYPT:AGREE-TOS

(lets-encrypt:agree-tos &key email-address)

Property: LETS-ENCRYPT:CERTIFICATE-OBTAINED

(lets-encrypt:certificate-obtained agree-tos htdocs &rest domains)

Obtains, and renews as necessary, an SSL certificate for DOMAINS. The first element of DOMAINS, after flattening, is the Common Name of the certificate. Use of this property implies agreement with the Let’s Encrypt Subscriber Agreement; AGREE-TOS is an instance of LETS-ENCRYPT:AGREE-TOS. HTDOCS is the web root for DOMAINS, which must be writeable, and publically available over plain HTTP.

This property does nothing to ensure that your web server will actually use the obtained certificate. Typically you’ll want to combine this property with web server-specific properties in a DEFPROPLIST/DEFPROPSPEC.

Property: LETS-ENCRYPT:CERTIFICATE-OBTAINED-STANDALONE

(lets-encrypt:certificate-obtained-standalone agree-tos &rest domains)

Like LETS-ENCRYPT:CERTIFICATE-OBTAINED, but use the –standalone argument to letsencrypt(1) to start up the client’s built-in webserver on port 80. Useful on hosts which do not normally run a web server, but nevertheless require an SSL certificate for other service(s), such as mail servers.

Function: LETS-ENCRYPT:FULLCHAIN-FOR

(lets-encrypt:fullchain-for domain)

Function: LETS-ENCRYPT:CHAIN-FOR

(lets-encrypt:chain-for domain)

Function: LETS-ENCRYPT:CERTIFICATE-FOR

(lets-encrypt:certificate-for domain)

Function: LETS-ENCRYPT:PRIVKEY-FOR

(lets-encrypt:privkey-for domain)