acme.ALPNProto
// ALPNProto is the ALPN protocol name used by a CA server when validating
// tls-alpn-01 challenges.
//
// Package users must ensure their servers can negotiate the ACME ALPN in
// order for tls-alpn-01 challenge verifications to succeed.
// See the crypto/tls package's Config.NextProtos field.
const ALPNProto = "acme-tls/1"
acme.CRLReasonAACompromise
// CRL reason codes as defined in RFC 5280.
const CRLReasonAACompromise = 10
acme.CRLReasonAffiliationChanged
// CRL reason codes as defined in RFC 5280.
const CRLReasonAffiliationChanged = 3
acme.CRLReasonCACompromise
// CRL reason codes as defined in RFC 5280.
const CRLReasonCACompromise = 2
acme.CRLReasonCertificateHold
// CRL reason codes as defined in RFC 5280.
const CRLReasonCertificateHold = 6
acme.CRLReasonCessationOfOperation
// CRL reason codes as defined in RFC 5280.
const CRLReasonCessationOfOperation = 5
acme.CRLReasonKeyCompromise
// CRL reason codes as defined in RFC 5280.
const CRLReasonKeyCompromise = 1
acme.CRLReasonPrivilegeWithdrawn
// CRL reason codes as defined in RFC 5280.
const CRLReasonPrivilegeWithdrawn = 9
acme.CRLReasonRemoveFromCRL
// CRL reason codes as defined in RFC 5280.
const CRLReasonRemoveFromCRL = 8
acme.CRLReasonSuperseded
// CRL reason codes as defined in RFC 5280.
const CRLReasonSuperseded = 4
acme.CRLReasonUnspecified
// CRL reason codes as defined in RFC 5280.
const CRLReasonUnspecified = 0
acme.LetsEncryptURL
// LetsEncryptURL is the Directory endpoint of Let's Encrypt CA.
const LetsEncryptURL = "https://acme-v02.api.letsencrypt.org/directory"
acme.StatusDeactivated
// ACME status values of Account, Order, Authorization and Challenge objects.
// See https://tools.ietf.org/html/rfc8555#section-7.1.6 for details.
const StatusDeactivated = "deactivated"
acme.StatusExpired
// ACME status values of Account, Order, Authorization and Challenge objects.
// See https://tools.ietf.org/html/rfc8555#section-7.1.6 for details.
const StatusExpired = "expired"
acme.StatusInvalid
// ACME status values of Account, Order, Authorization and Challenge objects.
// See https://tools.ietf.org/html/rfc8555#section-7.1.6 for details.
const StatusInvalid = "invalid"
acme.StatusPending
// ACME status values of Account, Order, Authorization and Challenge objects.
// See https://tools.ietf.org/html/rfc8555#section-7.1.6 for details.
const StatusPending = "pending"
acme.StatusProcessing
// ACME status values of Account, Order, Authorization and Challenge objects.
// See https://tools.ietf.org/html/rfc8555#section-7.1.6 for details.
const StatusProcessing = "processing"
acme.StatusReady
// ACME status values of Account, Order, Authorization and Challenge objects.
// See https://tools.ietf.org/html/rfc8555#section-7.1.6 for details.
const StatusReady = "ready"
acme.StatusRevoked
// ACME status values of Account, Order, Authorization and Challenge objects.
// See https://tools.ietf.org/html/rfc8555#section-7.1.6 for details.
const StatusRevoked = "revoked"
acme.StatusUnknown
// ACME status values of Account, Order, Authorization and Challenge objects.
// See https://tools.ietf.org/html/rfc8555#section-7.1.6 for details.
const StatusUnknown = "unknown"
acme.StatusValid
// ACME status values of Account, Order, Authorization and Challenge objects.
// See https://tools.ietf.org/html/rfc8555#section-7.1.6 for details.
const StatusValid = "valid"
acme.ErrAccountAlreadyExists
// ErrAccountAlreadyExists indicates that the Client's key has already been registered
// with the CA. It is returned by Register method.
var ErrAccountAlreadyExists = errors.New("acme: account already exists")
acme.ErrNoAccount
// ErrNoAccount indicates that the Client's key has not been registered with the CA.
var ErrNoAccount = errors.New("acme: account does not exist")
acme.ErrUnsupportedKey
// ErrUnsupportedKey is returned when an unsupported key type is encountered.
var ErrUnsupportedKey = errors.New("acme: unknown key type; only RSA and ECDSA are supported")
acme.CertOption
// CertOption is an optional argument type for the TLS ChallengeCert methods for
// customizing a temporary certificate for TLS-based challenges.
type CertOption interface {}
acme.OrderOption
// OrderOption allows customizing Client.AuthorizeOrder call.
type OrderOption interface {}
acme.AcceptTOS
// AcceptTOS always returns true to indicate the acceptance of a CA's Terms of Service
// during account registration. See Register method of Client for more details.
func AcceptTOS(tosURL string) bool
acme.DomainIDs
// DomainIDs creates a slice of AuthzID with "dns" identifier type.
func DomainIDs(names ...string) []AuthzID
acme.IPIDs
// IPIDs creates a slice of AuthzID with "ip" identifier type.
// Each element of addr is textual form of an address as defined
// in RFC 1123 Section 2.1 for IPv4 and in RFC 5952 Section 4 for IPv6.
func IPIDs(addr ...string) []AuthzID
acme.JWKThumbprint
// JWKThumbprint creates a JWK thumbprint out of pub
// as specified in https://tools.ietf.org/html/rfc7638.
func JWKThumbprint(pub crypto.PublicKey) (string, error)
acme.RateLimit
// RateLimit reports whether err represents a rate limit error and
// any Retry-After duration returned by the server.
//
// See the following for more details on rate limiting:
// https://tools.ietf.org/html/draft-ietf-acme-acme-05#section-5.6
func RateLimit(err error) (time.Duration, bool)
acme.WithKey
// WithKey creates an option holding a private/public key pair.
// The private part signs a certificate, and the public part represents the signee.
func WithKey(key crypto.Signer) CertOption