Mirror
/
acmed
mirror of https://github.com/breard-r/acmed.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
573 Commits
4 Branches
29 Tags
2.9 MiB
 
 
 
 
Tree: 3fb8c23d85
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '3fb8c23d85'
${ noResults }
acmed/man/en/tacd.8

103 lines
3.2 KiB
Raw Blame History

.\" Copyright (c) 2019-2020 Rodolphe Bréard <rodolphe@breard.tf>
.\"
.\" Copying and distribution of this file, with or without modification,
.\" are permitted in any medium without royalty provided the copyright
.\" notice and this notice are preserved. This file is offered as-is,
.\" without any warranty.
.Dd Mar 17, 2025
.Dt TACD 8
.Os
.Sh NAME
.Nm tacd
.Nd TLS-ALPN Challenge Daemon
.Sh SYNOPSIS
.Nm
.Op Fl e|--acme-ext Ar STRING
.Op Fl -acme-ext-file Ar FILE
.Op Fl -crt-digest Ar STRING
.Op Fl -crt-signature-alg Ar STRING
.Op Fl d|--domain Ar STRING
.Op Fl -domain-file Ar STRING
.Op Fl f|--foreground
.Op Fl h|--help
.Op Fl l|--listen Ar host:port
.Op Fl -log-stderr
.Op Fl -log-syslog
.Op Fl -log-level Ar LEVEL
.Op Fl -no-pid-file
.Op Fl -pid-file Ar FILE
.Op Fl V|--version
.Sh DESCRIPTION
.Nm
is a server that will listen to incoming Transport Layer Security
.Pq TLS
connections and, if the
.Em acme-tls/1
protocol has been declared during the Application-Layer Protocol Negotiation
.Pq ALPN ,
present a self-signed certificate in order to attempt to solve the TLS-ALPN-01 challenge. It then drops the connection.
.Pp
In order to generate the self-signed certificate, it is required to specify both the
.Em domain name
to validate and the
.Em acmeIdentifier extension .
If one of those values is not specified using the available options, it is read from the standard input. When reading from the standard input, a new line character is expected at the end. In the case both values needs to be read from the standard input, the
.Em domain name
is read first, then the
.Em acmeIdentifier extension .
.Pp
The options are as follows:
.Bl -tag
.It Fl e, -acme-ext Ar STRING
The acmeIdentifier extension to set in the self-signed certificate.
.It Fl -acme-ext-file Ar FILE
File from which is read the acmeIdentifier extension to set in the self-signed certificate.
.It Fl -crt-digest Ar STRING
Set the certificate's digest algorithm. Possible values are:
.Bl -dash -compact
.It
sha256
.It
sha384
.It
sha512
.El
.It Fl -crt-signature-alg Ar STRING
Set the certificate's signature algorithm. Possible values depends on the cryptographic library support and can be listed using the
.Em --help
flag.
.It Fl d, -domain Ar STRING
The domain that is being validated.
.It Fl -domain-file Ar STRING
File from which is read the domain that is being validated.
.It Fl f, -foreground
Runs in the foreground.
.It Fl h, -help
Prints help information.
.It Fl i, -listen Ar host:port | unix:path
Specifies the host and port combination or the unix socket to listen on.
.It Fl -log-stderr
Prints log messages to the standard error output.
.It Fl -log-syslog
Sends log messages via syslog.
.It Fl -log-level Ar LEVEL
Specify the log level. Possible values: error, warn, info, debug and trace.
.It Fl -no-pid-file
Do not create any PID file
.It Fl -pid-file Ar FILE
Specifies the location of the PID file.
.It Fl V, -version
Prints version information.
.El
.Sh SEE ALSO
.Xr acmed.toml 5
.Sh STANDARDS
.Rs
.%A R.B. Shoemaker
.%D February 2020
.%R RFC 8737
.%T Automated Certificate Management Environment (ACME) TLS Application-Layer Protocol Negotiation (ALPN) Challenge Extension
.Re
.Sh AUTHORS
.An Rodolphe Bréard
.Aq rodolphe@breard.tf