ClientFromContext returns the current client from the given context.

DatabaseFromContext returns the current acme database from the given context.

DefaultPrerequisitesChecker is the default PrerequisiteChecker and returns always true.

IsErrNotFound returns true if the error is a "not found" error.

KeyAuthorization creates the ACME key authorization value from a token and a jwk.

KeyToID converts a JWK to a thumbprint.

LinkerFromContext returns the current linker from the given context.

MustClientFromContext returns the current client from the given context.

MustDatabaseFromContext returns the current database from the given context.

MustLinkerFromContext returns the current linker from the given context.

MustProvisionerFromContext returns the current provisioner from the given context.

NewClient returns an implementation of Client for verifying ACME challenges.

NewClientContext adds the given client to the context.

NewContext adds the given acme components to the context.

NewDatabaseContext adds the given acme database to the context.

NewDetailedError creates a new Error that includes the error message in the details, providing more information to the ACME client.

NewError creates a new Error.

NewErrorISE creates a new ErrorServerInternalType Error.

NewLinker returns a new Directory type.

NewLinkerContext adds the given linker to the context.

NewPrerequisitesCheckerContext adds the given PrerequisitesChecker to the context.

NewProvisionerContext adds the given provisioner to the context.

NewSubproblem creates a new Subproblem.

NewSubproblemWithIdentifier creates a new Subproblem with a specific ACME Identifier.

PrerequisitesCheckerFromContext returns the PrerequisitesChecker in the context.

ProvisionerFromContext returns the current provisioner from the given context.

WrapError attempts to wrap the internal error.

WrapErrorISE shortcut to wrap an internal server error type.

AccountLinkType account.

AuthzLinkType new-authz.

CertificateLinkType certificate.

ChallengeLinkType challenge.

DEVICEATTEST01 is the device-attest-01 ACME challenge type.

DirectoryLinkType directory.

DNS is the ACME dns identifier type.

DNS01 is the dns-01 ACME challenge type.

ErrorAccountDoesNotExistType request specified an account that does not exist.

ErrorAlreadyRevokedType request specified a certificate to be revoked that has already been revoked.

ErrorBadAttestationStatementType WebAuthn attestation statement could not be verified.

ErrorBadCSRType CSR is unacceptable (e.g., due to a short key).

ErrorBadNonceType client sent an unacceptable anti-replay nonce.

ErrorBadPublicKeyType JWS was signed by a public key the server does not support.

ErrorBadRevocationReasonType revocation reason provided is not allowed by the server.

ErrorBadSignatureAlgorithmType JWS was signed with an algorithm the server does not support.

ErrorCaaType Authority Authorization (CAA) records forbid the CA from issuing a certificate.

ErrorCompoundType error conditions are indicated in the “subproblems” array.

ErrorConnectionType server could not connect to validation target.

ErrorDNSType was a problem with a DNS query during identifier validation.

ErrorExternalAccountRequiredType request must include a value for the “externalAccountBinding” field.

ErrorIncorrectResponseType received didn’t match the challenge’s requirements.

ErrorInvalidContactType URL for an account was invalid.

ErrorMalformedType request message was malformed.

ErrorNotImplementedType operation is not implemented.

ErrorOrderNotReadyType request attempted to finalize an order that is not ready to be finalized.

ErrorRateLimitedType request exceeds a rate limit.

ErrorRejectedIdentifierType server will not issue certificates for the identifier.

ErrorServerInternalType server experienced an internal error.

ErrorTLSType server received a TLS error during validation.

ErrorUnauthorizedType client lacks sufficient authorization.

ErrorUnsupportedContactType URL for an account used an unsupported protocol scheme.

ErrorUnsupportedIdentifierType identifier is of an unsupported type.

ErrorUserActionRequiredType the “instance” URL and take actions specified there.

FinalizeLinkType finalize order.

HTTP01 is the http-01 ACME challenge type.

IP is the ACME ip identifier type.

KeyChangeLinkType key rollover.

NewAccountLinkType new-account.

NewAuthzLinkType authz.

NewNonceLinkType new-nonce.

NewOrderLinkType new-order.

OrderLinkType order.

OrdersByAccountLinkType list of orders owned by account.

PermanentIdentifier is the ACME permanent-identifier identifier type defined in https://datatracker.ietf.org/doc/html/draft-bweeks-acme-device-attest-00.

RevokeCertLinkType revoke certificate.

TLSALPN01 is the tls-alpn-01 ACME challenge type.

WireDevice is the Wire device identifier type.

WIREDPOP01 is the Wire DPoP challenge type.

WIREOIDC01 is the Wire OIDC challenge type.

WireUser is the Wire user identifier type.

ErrNotFound is an error that should be used by the acme.DB interface to indicate that an entity does not exist.

InsecurePortHTTP01 is the port used to verify http-01 challenges.

InsecurePortTLSALPN01 is the port used to verify tls-alpn-01 challenges.

StatusDeactivated -- deactivated; e.g.

StatusInvalid -- invalid.

StatusPending -- pending; e.g.

StatusReady -- ready; e.g.

StatusValid -- valid.

StrictFQDN allows to enforce a fully qualified domain name in the DNS resolution.

Account is a subset of the internal account type containing only those attributes required for responses in the ACME protocol.

Authorization representst an ACME Authorization.

Certificate options with which to create and store a cert object.

Challenge represents an ACME response Challenge type.

Clock that returns time in UTC rounded to seconds.

Error represents an ACME Error.

ExternalAccountKey is an ACME External Account Binding key.

Identifier encodes the type that an order pertains to.

MockDB is an implementation of the DB interface that should only be used as a mock in tests.

MockProvisioner for testing.

MockWireDB is an implementation of the WireDB interface that should only be used as a mock in tests.

Order contains order metadata for the ACME protocol order type.

Policy is an ACME Account level policy.

PolicyNames contains ACME account level policy names.

Subproblem represents an ACME subproblem.

X509Policy contains ACME account level X.509 policy.

CertificateAuthority is the interface implemented by a CA authority.

Client is the interface used to verify ACME challenges.

DB is the DB interface expected by the step-ca ACME API.

Linker interface for generating links for ACME resources.

Provisioner is an interface that implements a subset of the provisioner.Interface -- only those methods required by the ACME api/authority.

WireDB is the interface used for operations on ACME Orders for Wire identifiers.

LinkType captures the link type.

Nonce represents an ACME nonce type.

PrerequisitesChecker is a function that checks if all prerequisites for serving ACME are met by the CA configuration.

ProblemType is the type of the ACME problem.

Status represents an ACME status.