alt Hacker NewsNeat, I've used lego (https://github.com/go-acme/lego) but will certainly have to give uacme a look, love me a simple ACME client.
acme.sh was too garish for my liking, even as a guy that likes his fair share of shell scripts. And obviously certbot is a non-starter because of snap.
Replies
catlifeonmars • today at 12:29 PM
Lego is solid. I use it with Route53 to do automatic renewal of LE certs for various endpoints before the certs expire.
Certbot has earned my ire on just about every occasion I've had to interact with it. It is a terrible program and I can't wait to finish replacing it everywhere.
The new setup is using uAcme and nsupdate to do DNS-01 challenges. No more fiddling with any issues in the web server config for a particular virtual host, like some errant rewrite rule that prevents access to .well-known/.