Artifact lacme-accountd_0.8.2-1+deb12u1_all

Metadata
deb_control_files:
- conffiles
- control
- md5sums
deb_fields:
  Architecture: all
  Depends: libconfig-tiny-perl, libjson-perl, perl:any
  Description: |-
    lacme account key manager
     lacme is an ACME client which can be used to request X.509 certificates from
     ACME service providers such as Let's Encrypt or ZeroSSL.  The architecture is
     designed with process isolation and minimal privileges in mind, and is divided
     into four components:
     .
      * A process to manage the account key and issue SHA-256 signatures needed for
        each ACME command.  (This process binds to a UNIX-domain socket to reply to
        signature requests from the ACME client.)  One can use the UNIX-domain
        socket forwarding facility of OpenSSH 6.7 and later to run this process on
        a different host.
     .
      * A "master" process, which runs as root and is the only component
        with access to the private key material of the server keys.  It is used to
        fork the ACME client (and optionally the ACME webserver) after dropping
        root privileges.  For certificate issuances, it also generates Certificate
        Signing Requests, then verifies the validity of the issued certificate, and
        optionally reloads or restarts services.
     .
      * An actual ACME client, which builds ACME commands and dialogues with
        the remote ACME server.  Since ACME commands need to be signed with the
        account key, the "master" process passes the UNIX-domain socket of the
        account key manager to the ACME client: data signatures are requested by
        writing the data to be signed to the socket.
     .
      * For certificate issuances, an optional webserver, which is spawned
        by the "master" process when no service is listening on the HTTP port.
        (The only challenge type currently supported is "http-01", which requires a
        webserver to answer challenges.)  That webserver only processes GET and
        HEAD requests under the "/.well-known/acme-challenge/" URI.  iptables(8)
        rules can optionally be installed to temporarily open the HTTP port.
     .
     lacme-accountd is the first (account key manager) component.  It is the only
     component with access to the account key.
  Homepage: https://git.guilhem.org/lacme/about/
  Installed-Size: '40'
  Maintainer: Guilhem Moulin <guilhem@debian.org>
  Multi-Arch: foreign
  Package: lacme-accountd
  Priority: optional
  Recommends: libcrypt-openssl-rsa-perl
  Section: utils
  Source: lacme
  Suggests: gpg, openssl
  Version: 0.8.2-1+deb12u1
srcpkg_name: lacme
srcpkg_version: 0.8.2-1+deb12u1

File

lacme-accountd_0.8.2-1+deb12u1_all.deb
Binary file lacme-accountd_0.8.2-1+deb12u1_all.deb cannot be displayed. you can view it raw or download it instead.

Relations

Relation Direction Type Name
built-using Source package lacme_0.8.2-1+deb12u1

binary package System - - 4 months, 2 weeks ago 3 months, 2 weeks
BETA