infinityfree/acmecore
Composer 安装命令:
composer require infinityfree/acmecore
包简介
Raw implementation of the ACME protocol in PHP
README 文档
README
AcmeCore is a modified version of the Acme PHP Core library.
When to use AcmeCore
AcmeCore is designed as a straight forward implementation of the Let's Encrypt/ACME protocol following best practices for libraries. There are no file system dependencies, integrated schedulers or anything like that. You can integrate it in your own project and take care of scheduling and persistence yourself.
Differences with Acme PHP Core
Acme PHP Core is a great library, but assumes that the "happy path" always works. I.e. the CA never returns an error, performs all tasks quickly, and always returns the expected data. With Let's Encrypt this is generally true, but other CAs might be less stable.
The key differences between this library and Acme PHP Core are the following:
- Every function on
AcmeClientmaps to a single step in the ACME process. This way, you're free to call and retry the steps at your own pace (e.g. retrying receiving a certificate without calling finalize again). - No more sleep loops. Schedule tasks the way you want, and don't hog a PHP process if you don't want to.
CertificateOrders now contain the status of the order. Load the order with thereloadOrderfunction, see the current status of the order and choose the next step to apply.
Documentation
The official Acme PHP documentation still applies for the most part. But the certificate issuance process has been changed a bit.
$secureHttpClientFactory = new SecureHttpClientFactory( new GuzzleHttpClient(), new Base64SafeEncoder(), new KeyParser(), new DataSigner(), new ServerErrorHandler() ); // $accountKeyPair instance of KeyPair $secureHttpClient = $secureHttpClientFactory->createSecureHttpClient($accountKeyPair); // Important, change to production LE directory for real certs! $acmeClient = new AcmeClient($secureHttpClient, 'https://acme-staging-v02.api.letsencrypt.org/directory'); // Request a certificate for mydomain.com. $certificateOrder = $acmeClient->requestOrder('mydomain.com'); // Retrieve the challenges to complete for mydomain.com. $challenges = $certificateOrder->getAuthorizationChallenges('mydomain.com'); // Now complete the challenge for the domain. // Find the challenge object for the verification type you want to do, e.g. http-01, dns-01. $challenge = $challenges[0]; // Ask the CA to confirm the authorization. $challenge = $acmeClient->challengeAuthorization($dnsChallenge); // Wait for the CA to complete the authorization. // This example uses a sleep loop, but you can schedule your own. while ($challenge->getStatus() != 'ready') { sleep(1); $challenge = $acmeClient->reloadAuthorization($challenge); } // Prepare the CSR $dn = new DistinguishedName('mydomain.com'); $keyPairGenerator = new KeyPairGenerator(); // Make a new key pair. We'll keep the private key as our cert key $domainKeyPair = $keyPairGenerator->generateKeyPair(); // This is the private key echo $domainKeyPair->getPrivateKey()->getPem()); // Generate CSR $csr = new CertificateRequest($dn, $domainKeyPair); // Tell the CA to generate the certificate. $certificateOrder = $acmeClient->finalizeOrder($certificateOrder, $csr); // Wait for the CA to complete the issuance. // This example uses a sleep loop, but you can schedule your own. while ($certificateOrder->getStatus() != 'issued') { sleep(1); $certificateOrder = $acmeClient->reloadOrder($certificateOrder->getOrderEndpoint()); } // Retrieve the generated certificate. $certificate = $acmeClient->retrieveCertificate($certificateOrder); // This is the generated certificate. echo $certificate->getPem();
Launch the Test suite
The Acme PHP test suite is located in the main repository: https://github.com/acmephp/acmephp#launch-the-test-suite.
infinityfree/acmecore 适用场景与选型建议
infinityfree/acmecore 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 838 次下载、GitHub Stars 达 5, 最近一次更新时间为 2022 年 02 月 09 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「https」 「encryption」 「x509」 「openssl」 「ssl」 「certificate」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 infinityfree/acmecore 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 infinityfree/acmecore 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 infinityfree/acmecore 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
A simple PHP class to encrypt a string and decrypt an encrypted string
A PHP Framework that allows you to encode and decode arbitrary ASN.1 structures using the ITU-T X.690 Encoding Rules.
A package for automatically encrypting and decrypting Eloquent attributes in Laravel 5.5+, based on configuration settings.
A Laravel artisan based package to create the AWS (SES + SNS) infrastructure to receive email event notifications with Http/Https endpoint.
Encryption with AES-256 and HMAC-SHA256
URL routing framework and requests/responses handler for PHP
统计信息
- 总下载量: 838
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 5
- 点击次数: 28
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2022-02-09