starred/certcache
1
0
Fork 0
mirror of https://github.com/93million/certcache.git synced 2026-04-25 02:15:47 +03:00
Code Issues 3 Projects Releases 5 Packages Wiki Activity
5 releases 16 tags
  • 1.0.1 93b44e2189

    1.0.1 Stable

    kerem released this 2025-12-02 10:05:49 +03:00 | 9 commits to master since this release

    📅 Originally published on GitHub: Tue, 02 Dec 2025 07:09:17 GMT
    🏷️ Git tag created: Tue, 02 Dec 2025 07:05:49 GMT

    Dependency security updates

    Downloads
  • 1.0.0 0acf92bbe4

    1.0.0 Stable

    kerem released this 2025-10-11 18:08:52 +03:00 | 11 commits to master since this release

    📅 Originally published on GitHub: Sat, 11 Oct 2025 15:32:29 GMT
    🏷️ Git tag created: Sat, 11 Oct 2025 15:08:52 GMT

    Support for certificate authorities other than Let's Encrypt

    You can define an ACME server to use with Certbot by setting the env var CERTCACHE_CERTBOT_SERVER. If you need to pass an eab kid and eab hmac key you can use env vars CERTCACHE_CERTBOT_EAB_KID and CERTCACHE_CERTBOT_EAB_HMAC_KEY

    See docs/Configure challenges.md for more information

    Upgraded dependencies

    • Upgraded Certbot (+ plugins) to v.5.0.0
    • Upgraded NPM packages
    Downloads
  • 0.6.0 29e257c482

    0.6.0 Stable

    kerem released this 2021-03-24 22:14:44 +03:00 | 29 commits to master since this release

    📅 Originally published on GitHub: Wed, 24 Mar 2021 19:17:11 GMT
    🏷️ Git tag created: Wed, 24 Mar 2021 19:14:44 GMT

    ECDSA Certificates

    Using ECDSA for certs defined in CERTCACHE_CERTS

    CertCache supports generating and caching of ECDSA certificates.

    ECDSA algorithms can be requested for each cert defined in CERTCACHE_CERTS separately:

    version: '3.7'
services:
  certcache:
    container_name: certcache
      
      CERTCACHE_CERTS: |
        - certName: cert1
          domains:
            - '<cert-domain-1>'
            - '*.<cert-domain-1>'
          keyType: ecdsa
        - certName: cert2
          domains:
            - '<cert-domain-2>'
            - '*.<cert-domain-2>'

    In this example, cert1 will have an ECDSA public key algorithm, while cert2 will use the default algorithm of RSA.

    If you want to use ECDSA for all certificates that do not specify a keyType, set the default algorithm using the env var CERTCACHE_KEY_TYPE:

    version: '3.7'
services:
  certcache:
    container_name: certcache
      
      CERTCACHE_CERTS: |
        - certName: cert1
          domains:
            - '<cert-domain-1>'
            - '*.<cert-domain-1>'
        - certName: cert2
          domains:
            - '<cert-domain-2>'
            - '*.<cert-domain-2>'
      CERTCACHE_KEY_TYPE: ecdsa

    The default curve is secp256r1. The elliptic curve can be defined separately within each certificate within CERTCACHE_CERTS, or changed for all certs (that don't define an ellipticCurve) using the env var CERTCACHE_ELLIPTIC_CURVE:

    version: '3.7'
services:
  certcache:
    container_name: certcache
      
      CERTCACHE_CERTS: |
        - certName: cert1
          domains:
            - '<cert-domain-1>'
            - '*.<cert-domain-1>'
          keyType: ecdsa
        - certName: cert2
          domains:
            - '<cert-domain-2>'
            - '*.<cert-domain-2>'
          keyType: ecdsa
          ellipticCurve: secp256r1
      CERTCACHE_ELLIPTIC_CURVE: secp384r1

    Using ECDSA for certs retrieved from the command line

    You can get ECDSA certificates from the command line using the CLI command certcache get -d 'cert-domain-1,cert-domain-2' --key-type ecdsa:

    If using docker-compose:

    docker-compose run --rm certcache get -d 'cert-domain-1,cert-domain-2' --key-type ecdsa

    Curves can optionally be specified using --elliptic-curve.

    Downloads
  • 0.5.2 d2030f9511

    0.5.2 Stable

    kerem released this 2021-02-16 21:52:03 +03:00 | 39 commits to master since this release

    📅 Originally published on GitHub: Tue, 16 Feb 2021 19:14:04 GMT
    🏷️ Git tag created: Tue, 16 Feb 2021 18:52:03 GMT

    CATKeys

    Keys should now be generated with a .catkey extension and live in a directory named catkeys. Keys with the previous extension in the previous directory (cahkeys) should still continue work.

    Running tests in Docker multistage build

    Running tests in the Docker build should help catch environmental defects

    Supporting latest build dependencies for the Python cryptography library

    Cryptography now requires Rust & Cargo as a build dep.

    Docker container speedy shutdown has been restored

    Container wasn't responding to SIGTERM and was taking 10 seconds before being SIGKILL'd

    Downloads
  • 0.5.1 518cf227c1

    0.5.1 Stable

    kerem released this 2021-01-17 23:03:04 +03:00 | 51 commits to master since this release

    📅 Originally published on GitHub: Sun, 17 Jan 2021 20:13:21 GMT
    🏷️ Git tag created: Sun, 17 Jan 2021 20:03:04 GMT

    Fixed bug that broke creation of cahkeys due to missing dependency in Docker image

    Downloads