F5 has unveiled the pre-release of the ngx_http_acme module, introducing automated certificate management through the ACMEv2 protocol, aligning with Let’s Encrypt standards. This module streamlines the process for administrators, eliminating manual certificate updates. By leveraging configuration settings, the module autonomously secures certificates from Let’s Encrypt or other ACME-supported services. Developed in the Rust language, the module code integrates the NGINX-Rust SDK for enhanced functionality.
Example of nginx.config:
resolver 127.0.0.1:53;
acme_issuer example {
uri https://acme.example.com/directory;
contact admin@example.test;
state_path /var/cache/nginx/acme-example;
accept_terms_of_service;
}
acme_shared_zone zone=ngx_acme_shared:1M;
server {
listen 443 ssl;
server_name .example.test;
acme_certificate example;
ssl_certificate $acme_certificate;
ssl_certificate_key $acme_certificate_key;
# do not parse the certificate on each request
ssl_certificate_cache max=2;
}
server {
# listener on port 80 is required to process ACME HTTP-01 challenges
listen 80;
location / {
return 404;
}
}
More information: https://links.extim.su/odx2KDd