[diafygi]

FYI, if you don't want to install all the dependencies of the official letsencrypt client, I made a <200 line python script that automates issuing and renewing certificates. Love the Let's Encrypt project, but really don't want to install all those dependencies on my server just to get a free cert.

https://github.com/diafygi/acme-tiny

[joshmoz]

Head of Let's Encrypt here. I don't love the number of dependencies for our client either, we're going to work to reduce them.

[diafygi]

No worries! Every time I see a Let's Encrypt thread on HN, there's always complaining about having to trust the official client with root access, webserver configs, dependencies, or whatever. So I made my clients (letsencrypt-nosudo, gethttpsforfree.com, acme-tiny) to shut those people up. My clients are not intended to serve the wider Let's Encrypt target audience, who probably don't know what a CSR is. But for those who do, I made clients that don't ask for the access/trust that the official client needs to serve its target audience.

Thanks for making Let's Encrypt and ACME!

[jannic]

And thanks for writing acme-tiny!

It was really easy to setup automatic renewals, running as an ordinary user. sudo access for reloading apache is the only privileged operation necessary. Great job!

[sinatra]

Maybe you can consider getting someone at Let's Encrypt review diafygi's acme-tiny code and, if approved, propose it as an alternative on the Let's Encrypt site. This will be very useful for users who get turned off by the root requirement or the number of dependencies.

[davexunit]

Great! I did some work packaging the official Let's Encrypt client for GNU Guix and the dependency graph (complete with circular dependencies in all of the Zope mess) is absurdly huge. Definitely going to give this a try.

[StavrosK]

This is my recommended client as well. Easy to use, easy to script, completely automatic. Well done.

[nereid666]

Very useful. Thx!