ACMEOW Documentation

ACMEOW is a production-grade Python library for automated SSL/TLS certificate management using the ACME protocol (RFC 8555).

Note

This library requires Python 3.10 or later.

Features

• Full ACME Protocol Support: Complete RFC 8555 implementation including account management, certificate issuance, and revocation

• Multiple Challenge Types: DNS-01, HTTP-01, and TLS-ALPN-01 challenge validation

• Flexible Handlers: Built-in handlers and callback-based custom handlers

• Thread-Safe: Safe for use in multi-threaded applications

• Type Hints: Full type annotations for better IDE support

Quick Start

Installation

pip install acmeow

Basic Usage

from pathlib import Path
from acmeow import AcmeClient, Identifier, KeyType, CallbackDnsHandler

# Create client
client = AcmeClient(
    server_url="https://acme-v02.api.letsencrypt.org/directory",
    email="admin@example.com",
    storage_path=Path("./acme_data"),
)

# Create account
client.create_account()

# Create order
order = client.create_order([Identifier.dns("example.com")])

# Define DNS record handlers
def create_record(domain, name, value):
    # Create TXT record using your DNS provider API
    pass

def delete_record(domain, name):
    # Delete TXT record
    pass

# Complete challenges
handler = CallbackDnsHandler(create_record, delete_record)
client.complete_challenges(handler)

# Finalize and get certificate
client.finalize_order(KeyType.EC256)
cert_pem, key_pem = client.get_certificate()

Table of Contents

User Guide

• Installation
  • Requirements
  • Installing from PyPI
  • Installing from Source
  • Development Installation
  • Verifying Installation
• Quick Start Guide
  • Prerequisites
  • Basic Workflow
  • Complete Example
  • ACME Servers
• Challenge Types
  • DNS-01 Challenge
  • HTTP-01 Challenge
  • TLS-ALPN-01 Challenge
  • Challenge Comparison
• Account Management
  • Creating an Account
  • External Account Binding (EAB)
  • Updating Contact Information
  • Account Key Rollover
  • Deactivating an Account
  • Certificate Revocation

API Reference

• Client
  • AcmeClient
• Models
  • Account
  • Order
  • Authorization
  • Challenge
  • Identifier
• Challenge Handlers
  • ChallengeHandler (Base)
  • DNS-01 Handlers
  • HTTP-01 Handlers
  • TLS-ALPN-01 Handlers
  • Helper Functions
• Exceptions
  • AcmeError
  • AcmeServerError
  • AcmeAuthenticationError
  • AcmeAuthorizationError
  • AcmeOrderError
  • AcmeCertificateError
  • AcmeConfigurationError
  • AcmeNetworkError
  • AcmeTimeoutError
  • AcmeRateLimitError
  • AcmeDnsError
• Enumerations
  • ChallengeType
  • IdentifierType
  • KeyType
  • OrderStatus
  • AuthorizationStatus
  • ChallengeStatus
  • AccountStatus
  • RevocationReason

Project

• Changelog
• Contributing

Indices and tables

• Index

• Module Index

• Search Page