MCPcopy Index your code
hub / github.com/go-acme/lego

github.com/go-acme/lego @v5.2.2

repository ↗ · DeepWiki ↗ · release v5.2.2 ↗ · + Follow
8,297 symbols 47,782 edges 1,266 files 3,174 documented · 38% 7 cross-repo links updated 1d agov5.2.2 · 2026-06-02★ 9,71287 open issues
README

lego logo

Automatic Certificates and HTTPS for everyone.

Lego

ACME client and library for Let's Encrypt and other ACME CAs written in Go.

Go Reference Build Status Docker Pulls

lego is an independent, free, and open-source project, if you value it, consider supporting it! ❤️

Everybody thinks that the others will donate, but in the end, nobody does.

So if you think that lego is worth it, please consider donating.

Features

  • ACME v2 RFC 8555
  • Support RFC 8737: TLS Application‑Layer Protocol Negotiation (ALPN) Challenge Extension
  • Support RFC 8738: certificates for IP addresses
  • Support RFC 9773: Renewal Information (ARI) Extension
  • Support draft-ietf-acme-profiles-00: Profiles Extension
  • Support draft-ietf-acme-dns-persist-01: Challenge for Persistent DNS TXT Record Validation
  • Comes with more than 200 DNS providers
  • Register with CA
  • Obtain certificates, both from scratch or with an existing CSR
  • Renew certificates
  • Revoke certificates
  • Robust implementation of ACME challenges:
  • HTTP (http-01)
  • DNS (dns-01)
  • TLS (tls-alpn-01)
  • SAN certificate support
  • CNAME support by default
  • Custom challenge solvers
  • Certificate bundling
  • OCSP helper function

Installation

How to install.

Usage

Documentation

Documentation is hosted live at https://go-acme.github.io/lego/.

DNS providers

Detailed documentation is available here.

If your DNS provider is not supported, please open an issue.

1cloud.ru 35.com/三五互联 51DNS Abion
Active24 Akamai EdgeDNS Alibaba Cloud DNS AlibabaCloud ESA
all-inkl Alwaysdata Amazon Lightsail Amazon Route 53
Anexia CloudDNS ANS SafeDNS ArtFiles ArvanCloud
Aurora DNS Autodns Axelname Azion
Azure DNS Baidu Cloud Beget.com Binary Lane
Bindman Bluecat Bluecat v2 BookMyName
Bunny Checkdomain Civo Cloud.ru
CloudDNS Cloudflare ClouDNS Connbyte
ConoHa v2 ConoHa v3 Constellix Core-Networks
CPanel/WHM Curanet Czechia DanDomain
DDnss (DynDNS Service) Derak Cloud deSEC.io Designate DNSaaS for Openstack
Digital Ocean Dinahosting DirectAdmin DNS Made Easy
DNS Update (RFC2136) dns.la DNS.services DNScale
DNSExit dnsHome.de DNSimple Domain Offensive (do.de)
Domeneshop DreamHost Duck DNS Dyn
Dynadot DynDnsFree.de Dynu EasyDNS
EdgeCenter Efficient IP Epik EuroDNS
EUserv Excedo Exoscale External program
F5 XC Fornex freemyip.com FusionLayer NameSurfer
G-Core Gandi Gandi Live DNS (v5) Gehirn
Gigahost.no Glesys Gname Go Daddy
Google Cloud Gravity Hetzner Hosting.de
Hosting.nl Hostinger Hosttech HostUp
HTTP request http.net Huawei Cloud Hurricane Electric DNS
HyperOne IBM Cloud (SoftLayer) IIJ DNS Platform Service Infoblox
Infomaniak Internet.bs INWX Ionos
Ionos Cloud IPv64 ISPConfig 3 ISPConfig 3 - Dynamic DNS (DDNS) Module
JD Cloud Joker Joohoi's ACME-DNS Katapult
KeyHelp Leaseweb Liara Lima-City
Linode (v4) Liquid Web Loopia LuaDNS
Mail-in-a-Box ManageEngine CloudDNS Manual Metaname
Metaregistrar mijn.host Mittwald myaddr.{tools,dev,io}
MyDNS.jp

Extension points exported contracts — how you extend this code

Provider (Interface)
Provider enables implementing a custom challenge provider. Present presents the solution to a challenge available to be [238 …
challenge/provider.go
Link (Interface)
Link represents a middleware interface, enabling middleware chaining. [5 implementers]
internal/tester/servermock/builder.go
User (Interface)
User interface is to be implemented by users of this library. It is used by the client type to get user specific informa [4 …
registration/user.go
RequestSigner (Interface)
(no doc) [2 implementers]
providers/dns/xinnet/internal/client.go
ValidateFunc (FuncType)
ValidateFunc validates a challenge with the ACME server.
challenge/dnspersist01/dns_persist_challenge.go
PreCheckFunc (FuncType)
PreCheckFunc checks DNS propagation before notifying ACME that the DNS challenge is ready.
challenge/dns01/dns_challenge_precheck.go
Option (FuncType)
(no doc)
cmd/internal/hook/manager_options.go
ValidateFunc (FuncType)
(no doc)
challenge/tlsalpn01/tls_alpn_challenge.go

Core symbols most depended-on inside this repo

writeln
called by 3343
cmd/cmd_dnshelp.go
Build
called by 1048
internal/tester/dnsmock/dnsmock.go
With
called by 855
internal/tester/servermock/link_form.go
New
called by 793
acme/api/order.go
ResponseFromFixture
called by 690
internal/tester/servermock/handler_file.go
RestoreEnv
called by 661
internal/tester/env.go
GetOrDefaultSecond
called by 643
platform/env/env.go
Set
called by 618
providers/dns/artfiles/internal/types.go

Shape

Function 4,329
Method 2,223
Struct 1,659
TypeAlias 37
Interface 28
FuncType 21

Languages

Go100%

Modules by API surface

cmd/internal/flags/flags.go38 symbols
providers/dns/nicru/internal/types.go29 symbols
providers/dns/loopia/internal/types.go29 symbols
providers/dns/gandi/internal/types.go26 symbols
certificate/certificates.go25 symbols
providers/dns/plesk/internal/types.go23 symbols
providers/dns/otc/internal/types.go20 symbols
providers/dns/gcloud/googlecloud.go20 symbols
cmd/internal/storage/storage_accounts.go20 symbols
acme/commons.go19 symbols
certcrypto/crypto.go18 symbols
providers/dns/shellrent/internal/client_test.go17 symbols

Dependencies from manifests, versioned

cloud.google.com/go/auth/oauth2adaptv0.2.8 · 1×
cloud.google.com/go/compute/metadatav0.9.0 · 1×
github.com/AdamSLevy/jsonrpc2/v14v14.1.0 · 1×
github.com/Azure/azure-sdk-for-go/sdk/azcorev1.21.1 · 1×
github.com/Azure/azure-sdk-for-go/sdk/azidentityv1.13.1 · 1×
github.com/Azure/azure-sdk-for-go/sdk/internalv1.12.0 · 1×
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdnsv1.2.0 · 1×
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatednsv1.3.0 · 1×
github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resourcegraph/armresourcegraphv0.10.0 · 1×
github.com/AzureAD/microsoft-authentication-library-for-gov1.7.0 · 1×

For agents

$ claude mcp add lego \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact