Skip to content

Demo files demonstrating what the new hierarchy we generate in 2024 will look like.

Notifications You must be signed in to change notification settings

letsencrypt/ceremony-demos

Repository files navigation

Let's Encrypt Key Ceremony Demos

This directory contains example config files that simulate certificate profiles used by Let's Encrypt for various key ceremonies in detail. The primary goal is to gather feedback prior to upcoming key ceremonies. The repository will also serve as a historical marker of past ceremonies detailing the evolution of the Let's Encrypt chain of trust.

To see generated certificate output for the upcoming ceremony without needing to run this tooling, see the outputs folder.

To try it out:

  • Install the ceremony tool in your $PATH.

    go install https://github.com/letsencrypt/boulder/cmd/ceremony
  • Install SoftHSMv2.

    sudo apt install softhsm2
  • Update the YAML files, if necessary, to reflect that path to your SoftHSMv2 install.

  • Execute the demo ceremony.

    ./reset.sh && ./run-all.sh
  • If you're working on a specific branch of boulder making changes to the ceremony tool and need to test an uncoming ceremony:

    export CEREMONY_BIN=/path/to/active/development/boulder/bin/ceremony
    ./run.sh

About

Demo files demonstrating what the new hierarchy we generate in 2024 will look like.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published