blob: 23c6ea2c9497582e2f6ac511bd62a84e22f3c1d1 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
.\" This source code is released into the public domain.
.Dd June 4, 2025
.Dt LFACME 7
.Os
.Sh NAME
.Nm lfacme
.Nd issue, renew and manage ACME certificates
.Sh SYNOPSIS
.Nm lfacme
.Op Fl v
.Op Fl c Ar confdir
.Cm cert list
.Nm lfacme
.Op Fl v
.Op Fl c Ar confdir
.Cm cert remove
.Ar certificate
.Op Ar certificate ...
.Nm lfacme
.Op Fl v
.Op Fl c Ar confdir
.Cm setup
.Op Fl y
.Nm lfacme
.Op Fl v
.Op Fl c Ar confdir
.Cm renew
.Op Fl f
.Op Ar certificate
.Sh DESCRIPTION
The
.Nm
command supports automated management of TLS certificates using an ACME server.
Certificates can be automatically issued and renewed, and a hook system allows
software using those certificates to be automatically (re)configured with the
new certificate.
.Pp
Prior to using
.Nm ,
two configuration files must be created:
.Pa __CONFDIR__/acme.conf
and
.Pa __CONFDIR__/domains.conf .
Samples of both files are provided in
.Pa __CONFDIR__ .
Refer to
.Xr acme.conf 5
and
.Xr domains.conf 5
for more detailed documentation on these files.
.Pp
The following options are supported:
.Bl -tag -width Fl c Ar confdir
.It Fl c Ar confdir
Load the configuration from
.Ar confdir
instead of the default
.Pa __CONFDIR__ .
.It Fl v
Print more detailed output while running.
.El
.Pp
The following commands are supported:
.Bl -tag -width Cm setup
.It Cm setup
Create a new account on the ACME server.
This must be run prior to issuing any certificates.
See
.Xr lfacme-setup 8 .
.It Cm renew
Issue or renew any certificates based on the
.Xr domains.conf 5
configuration file.
See
.Xr lfacme-renew 8 .
.It Cm cert
Manage installed certificates.
See
.Xr lfacme-cert 8 .
.Sh ENVIRONMENT
The following environment variables affect the executation of
.Nm :
.Bl -tag -width LFACME_VERBOSE
.It Ev LFACME_CONFDIR
Override the default configuration directory.
This is equivalent to specifying the
.Fl c
flag on the command line.
.It Ev LFACME_VERBOSE
If set to a non-empty string, run in verbose mode.
This is equivalent to specifying the
.Fl v
flag on the command line.
.El
.Pp
Additionally, any configuration settings described in
.Xr acme.conf 5
may also be set in the environment.
.Sh SEE ALSO
.Xr acme.conf 5 ,
.Xr domains.conf 5 ,
.Xr lfacme-cert 8 ,
.Xr lfacme-renew 8 ,
.Xr lfacme-setup 8
|
