# Buildsheet autogenerated by ravenadm tool -- Do not edit. NAMEBASE= uacme VERSION= 1.7.5 KEYWORDS= security VARIANTS= standard SDESC[standard]= Plain C ACMEv2 client with minimal dependencies HOMEPAGE= https://github.com/ndilieto/uacme/ CONTACT= Michael_Reim[kraileth@elderlinux.org] DOWNLOAD_GROUPS= main SITES[main]= https://github.com/ndilieto/uacme/archive/refs/tags/upstream/ DISTFILE[1]= 1.7.5.tar.gz:main DIST_SUBDIR= uacme DF_INDEX= 1 SPKGS[standard]= complete primary docs man examples OPTIONS_AVAILABLE= none OPTIONS_STANDARD= none BUILD_DEPENDS= asciidoc:single:standard curl:dev:standard libev:dev:standard BUILDRUN_DEPENDS= curl:primary:standard libev:primary:standard USES= gmake pkgconfig ssl DISTNAME= uacme-upstream-1.7.5 LICENSE= GPLv3+:primary LICENSE_TERMS= primary:{{WRKDIR}}/TERMS LICENSE_FILE= GPLv3+:{{WRKSRC}}/COPYING LICENSE_AWK= TERMS:"^$$" LICENSE_SOURCE= TERMS:{{WRKSRC}}/uacme.c LICENSE_SCHEME= solo FPC_EQUIVALENT= security/uacme MUST_CONFIGURE= gnu CONFIGURE_ARGS= --datadir={{STD_EXAMPLESDIR}}/../ --disable-maintainer-mode --enable-docs --sysconfdir={{PREFIX}}/etc --with-openssl={{OPENSSLBASE}} --without-ualpn SUB_FILES= pkg-message-primary SUB_LIST= STD_EXAMPLESDIR={{STD_EXAMPLESDIR}} post-install: mkdir -p ${STAGEDIR}${PREFIX}/etc/ssl/uacme mkdir -p ${STAGEDIR}${PREFIX}/libexec [FILE:732:descriptions/desc.primary] uacme is a light-weight client for the RFC8555 ACMEv2 protocol, written in plain C with minimal dependencies (libcurl and one of GnuTLS, OpenSSL or mbedTLS). The ACMEv2 protocol allows a Certificate Authority (like Let's Encrypt) and an applicant to automate the process of verification and certificate issuance. The protocol also provides facilities for other management functions, such as certificate revocation. Unlike most ACME clients, uacme adheres to the Unix philosophy and tries to do one thing well. For example it will not change your webserver's configuration to automatically use the obtained certificate. It supports the http-01, dns-01 and tls-alpn-01 challenges and comes with example scripts to use them. [FILE:97:distinfo] 596b2fba75fedc7a410dd71583c828642ecd486dfdcfde109dfebb82a374abbe 331458 uacme/1.7.5.tar.gz [FILE:42:manifests/plist.primary] bin/uacme @dir etc/ssl/uacme @dir libexec [FILE:27:manifests/plist.docs] share/doc/uacme/uacme.html [FILE:26:manifests/plist.man] share/man/man1/uacme.1.gz [FILE:45:manifests/plist.examples] share/examples/uacme/ nsupdate.sh uacme.sh [FILE:858:files/pkg-message-primary.in] It's highly recommended to read the documentation, but in case you want to give uacme a quick test, do the following: 1. Create a new account with Let's Encrypt (using the STAGING ENV): # uacme -v -s -c %%PREFIX%%/etc/ssl/uacme/test new 2. Copy the example script 'uacme.sh' from %%STD_EXAMPLESDIR%% to %%PREFIX%%/libexec if you plan on using the http-01 challenge. For the dns-01 copy 'nsupdate.sh' instead. 3. Edit the script at its new location to make changes if necessary (e.g. pointing it to the TSIG key if required for nsupdate). 4. Request an cert e.g. like this for the dns-01 challenge (also using the STAGING ENV): # uacme -v -s -h %%PREFIX%%/libexec/nsupdate.sh -c %%PREFIX%%/etc/ssl/uacme/test issue www.example.org 5. If everything worked, do 1 and 2 again with out the -s flag to obtain a proper TLS certificate. Then automate via cron.