You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

83 lines
2.6 KiB

.\" Copyright (c) 2019 Rodolphe Bréard <rodolphe@breard.tf>
.\"
.\" Copying and distribution of this file, with or without modification,
.\" are permitted in any medium without royalty provided the copyright
.\" notice and this notice are preserved. This file is offered as-is,
.\" without any warranty.
.Dd June 5, 2019
.Dt TACD 8
.Os
.Sh NAME
.Nm tacd
.Nd TLS-ALPN Challenge Daemon
.Sh SYNOPSIS
.Nm
.Op Fl e|--acme-ext Ar STRING
.Op Fl -acme-ext-file Ar FILE
.Op Fl d|--domain Ar STRING
.Op Fl -domain-file Ar STRING
.Op Fl f|--foregroung
.Op Fl h|--help
.Op Fl l|--listen Ar host:port
.Op Fl -log-stderr
.Op Fl -log-syslog
.Op Fl -log-level Ar LEVEL
.Op Fl -pid-file Ar FILE
.Op Fl V|--version
.Sh DESCRIPTION
.Nm
is a server that will listen to incoming Transport Layer Security
.Pq TLS
connections and, if the
.Em acme-tls/1
protocol has been declared during the Application-Layer Protocol Negotiation
.Pq ALPN ,
present a self-signed certificate in order to attempt to solve the TLS-ALPN-01 challenge. It then drops the connection.
.Pp
In order to generate the self-signed certificate, it is required to specify both the
.Em domain name
to validate and the
.Em acmeIdentifier extension .
If one of those values is not specified using the available options, it is read from the standard input. When reading from the standard input, a new line character is expected at the end. In the case both values needs to be read from the standard input, the
.Em domain name
is read first, then the
.Em acmeIdentifier extension .
.Pp
The options are as follows:
.Bl -tag
.It Fl e, -acme-ext Ar STRING
The acmeIdentifier extension to set in the self-signed certificate.
.It Fl -acme-ext-file Ar FILE
File from which is read the acmeIdentifier extension to set in the self-signed certificate.
.It Fl d, -domain Ar STRING
The domain that is being validated.
.It Fl -domain-file Ar STRING
File from which is read the domain that is being validated.
.It Fl f, -foregroung
Runs in the foregroung.
.It Fl h, -help
Prints help information.
.It Fl i, -listen Ar host:port | unix:path
Specifies the host and port combination or the unix socket to listen on.
.It Fl -log-stderr
Prints log messages to the standard error output.
.It Fl -log-syslog
Sends log messages via syslog.
.It Fl -log-level Ar LEVEL
Specify the log level. Possible values: error, warn, info, debug and trace.
.It Fl -pid-file Ar FILE
Specifies the location of the PID file.
.It Fl V, -version
Prints version information.
.Sh SEE ALSO
.Xr acmed.toml 5
.Sh STANDARDS
.Rs
.%A R. Shoemaker
.%D September 2019
.%R draft-ietf-acme-tls-alpn-06
.%T ACME TLS ALPN Challenge Extension
.Re
.Sh AUTHORS
.An Rodolphe Bréard
.Aq rodolphe@breard.tf