Letsencrypt
PHP SSL for letsencrypt ACME v2.
Letās Encrypt is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG).
Only PHP client is provided here.
Supporting RSA ECC
Travis CI badge
codecov badge
Packagist badge
Github badge
Installation
Use Composer to install the library. Of course, You can go to Packagist to view.
Ā Ā $ composer require yakeing/php_letsencrypt
Initialization parameter
- Sampleļ¼
$le = new letsencrypt();
$option = array();
$option['accountKey'] = '-----BEGIN PUBLIC KEY-----\nMIIBIjA....NjQIDAQA\n-----END PUBLIC KEY----';Get Directory
- Sampleļ¼
echo $le->Directory();New Nonce
- Sampleļ¼
echo $le->NewNonce();New User Registration
- Sampleļ¼
//-----BEGIN PUBLIC KEY-----\nMIIBIjA....NjQIDAQA\n-----END PUBLIC KEY----
$accountKey = $option['accountKey'];
$userinfo = array('mailto:yakeing@github.com');
$le->NewAccount($accountKey, $userinfo);
$option['kid'] = $le->body['kid'];New Order
- Sampleļ¼
//-----BEGIN PUBLIC KEY-----\nMIIBIjA....NjQIDAQA\n-----END PUBLIC KEY----
$accountKey = $option['accountKey'];
$domain = 'example.com';
$kid = $option['kid']; //12345
$type = 'dns';
$le->NewOrder($accountKey, $domain, $kid, $type);
$option['authorizations'] = $le->body['authorizations'][0];
$option['finalize'] = $le->body['finalize'];Get challenges
- Sampleļ¼
$jsonAuthz = file_get_contents($option['authorizations']); //array(.....)
$authz = json_decode($jsonAuthz, true);
foreach ($authz['challenges'] as $value) {
if ('http-01' == $value['type']) {
//$option['status'] = $value['status']; // valid
$option['url'] = $value['url'];
$option['token'] = $value['token'];
}
}Get Dns Txt
- Sampleļ¼
//-----BEGIN PUBLIC KEY-----\nMIIBIjA....NjQIDAQA\n-----END PUBLIC KEY----
$accountKey = $option['accountKey'];
$token = $option['token']; //gDhhgh5Sdgf......fGDB0ceWadfg
$ret = $le->GetDnsTxt($accountKey, $token);
// FrZWluZ0BnaXR......odWIuY29tMFkwEChallenge
- Sampleļ¼
//-----BEGIN PUBLIC KEY-----\nMIIBIjA....NjQIDAQA\n-----END PUBLIC KEY----
$accountKey = $option['accountKey'];
$kid = $option['kid']; //12345
$url = $option['url']; //https://~.api.letsencrypt.org/acme/authz-v3/*****
$token = $option['token']; //gDhhgh5Sdgf......fGDB0ceWadfg
$le->Challenge($accountKey, $kid, $url, $token);
//$le->body['status'] == 'valid'Application for certificate issuance
- Sampleļ¼
//-----BEGIN PUBLIC KEY-----\nMIIBIjA....NjQIDAQA\n-----END PUBLIC KEY----
$accountKey = $option['accountKey'];
$kid = $option['kid']; //12345
$finalizeUrl = $option['finalize']; //https://~.api.letsencrypt.org/acme/finalize/***/***';
$csr = '-----BEGIN CERTIFICATE-----\nMIIEjjCCA3agAw....NjDNFu0Qg==-----END CERTIFICATE-----';
$outCert = true;
$le->GetCert($accountKey, $kid, $finalizeUrl, $csr, $outCert);
$Cert = $le->body; //certificateCertificate revocation
- Sampleļ¼
$cerKey = '-----BEGIN PUBLIC KEY-----\nMIIBIjA....NjQIDAQA\n-----END PUBLIC KEY----';
$Cert = '-----BEGIN CERTIFICATE-----\nMIIEA2agAw....HgdYhhE9gj\n==-----END CERTIFICATE-----';
$reason = 0;
$le->RevokeCert($cerKey, $cer, $reason);Domain name deauthorization
- Sampleļ¼
//-----BEGIN PUBLIC KEY-----\nMIIBIjA....NjQIDAQA\n-----END PUBLIC KEY----
$accountKey = $option['accountKey'];
$kid = 'k6789';
$authKid = 'd12345';
$le->AuthzDeactivate($accountKey, $kid, $authKid);Change account communication key
- Sampleļ¼
//-----BEGIN PUBLIC KEY-----\nMIIBIjA....NjQIDAQA\n-----END PUBLIC KEY----
$accountKey = $option['accountKey'];
$kid = $option['kid']; //12345
$newAccountKey = '-----BEGIN PUBLIC KEY-----\nOIYGRjp8....ATy3ggQiyA\n-----END PUBLIC KEY----';;
$le->KeyChange($accountKey, $kid, $newAccountKey);Account deactivation
- Sampleļ¼
//-----BEGIN PUBLIC KEY-----\nMIIBIjA....NjQIDAQA\n-----END PUBLIC KEY----
$accountKey = $option['accountKey'];
$kid = $option['kid']; //12345
$le->DeactivatedAccount($accountKey, $kid);Sponsor
If you've got value from any of the content which I have created, then I would very much appreciate your support by payment donate.
Author
weibo: yakeing
twitter: yakeing
