Lego

Let’s Encrypt client and ACME library written in Go.

Features

  • ACME v2 RFC 8555
  • Comes with about 150 DNS providers
  • Register with CA
  • Obtain certificates, both from scratch or with an existing CSR
  • Renew certificates
  • Revoke certificates
  • Robust implementation of ACME challenges:
    • HTTP (http-01)
    • DNS (dns-01)
    • TLS (tls-alpn-01)
  • SAN certificate support
  • CNAME support by default
  • Custom challenge solvers
  • Certificate bundling
  • OCSP helper function