(c)2018 by Execute SARL
The TExecuteACME component lets you request a "Let's Encrypt" certificate for your domain.
The component supports the HTTP challenge: you can use a self-hosted web server (TIdHTTPServer) to validate the certificate, or use the OnHttpChallenge event to store the challenge reply on your website.
In both cases you need to manage the domain's HTTP (not HTTPS) server.
This component is compatible with Delphi Tokyo 10.2.3 (even the Community Edition) and Rio.
- Download the repository
- Open ACMEGroup.groupproj
- Right click on the project "Execute.ACMEDesign.bpl" and install it
- Select the ACMEDemo project
- Compile and run the Application
The application requires OpenSSL (libeay32.dll and ssleay32.dll). On the first start, the application can create Account.key and Domain.key for you (generating a 4096-bit key takes some time, this is normal).
Account.key will be your Let's Encrypt account private key; keep it in a safe place (with a password).
Domain.key is the private key for the domain (same recommendations).
(You have to do this periodically because the certificate is only valid for 90 days!)
TExecuteACME.RegisterDomain();
-> Account.key -> register a Let's Encrypt account.
-> Domain.key -> send a Certificate Signing Request.
-> OnHttpChallenge -> store the challenge Token & Thumbprint.
-> OnDone -> the certificate is not ready yet, try later.
Let's Encrypt -> http://(domain)/.well-known/acme-challenge/(token) <- Thumbprint
TExecuteACME.FinalizeDomain();
-> Account.key -> Retrieve account status.
-> Domain.key -> Retrieve the Certificate from Let's Encrypt.
-> OnCertificate -> store the updated certificate.
TExecuteACME.UnRegisterDomain();
-> Domain.key -> Revoke the certificate.
-> OnDone -> the certificate is revoked.
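
For the self-hosted option, here is an added example (not code from this repository or from the TExecuteACME sources) of a TIdHTTPServer.OnCommandGet handler that answers only the exact challenge URL and returns 404 for everything else. The unit and class names are hypothetical, and the token and reply are assumed to be the values received in OnHttpChallenge, whose signature is not shown here.

```delphi
unit AcmeChallengeResponder; // added example, not part of the TExecuteACME sources

interface

uses System.SysUtils, IdContext, IdCustomHTTPServer;

type
  // Hypothetical helper answering one pending HTTP-01 challenge. Token and
  // reply are set once in the constructor, so Indy worker threads only read.
  TAcmeChallengeResponder = class
  private
    FToken, FReply: string;
  public
    constructor Create(const AToken, AReply: string);
    // Assign to TIdHTTPServer.OnCommandGet on the plain-HTTP (port 80) server.
    procedure CommandGet(AContext: TIdContext;
      ARequestInfo: TIdHTTPRequestInfo; AResponseInfo: TIdHTTPResponseInfo);
  end;

implementation

const
  ChallengePath = '/.well-known/acme-challenge/';

// ACME tokens use only the base64url alphabet (RFC 8555, section 8.3).
function IsValidToken(const AToken: string): Boolean;
var C: Char;
begin
  Result := AToken <> '';
  for C in AToken do
    if not CharInSet(C, ['A'..'Z', 'a'..'z', '0'..'9', '-', '_']) then Exit(False);
end;

constructor TAcmeChallengeResponder.Create(const AToken, AReply: string);
begin
  if not IsValidToken(AToken) then
    raise EArgumentException.Create('Unexpected characters in ACME token');
  FToken := AToken;
  FReply := AReply;
end;

procedure TAcmeChallengeResponder.CommandGet(AContext: TIdContext;
  ARequestInfo: TIdHTTPRequestInfo; AResponseInfo: TIdHTTPResponseInfo);
begin
  AResponseInfo.ResponseNo := 404; // default for every other path
  // Exact match only: nothing is read from disk, so no other path is served.
  if ARequestInfo.Document <> ChallengePath + FToken then Exit;
  AResponseInfo.ResponseNo := 200;
  AResponseInfo.ContentType := 'application/octet-stream';
  AResponseInfo.ContentText := FReply;
end;

end.
```

Create the responder before assigning the handler, and deactivate the HTTP server once FinalizeDomain has returned the certificate so the port is not left open between renewals.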
- Better error handling with error report
- SubjectAltNames lets you define alternative names for the DomainName
- New OrderURL and OrderStatus properties
- FinalizeDomain is now used (with OrderURL) to retrieve the last requested certificate
- OnHttpChallenge has a new parameter, Processed, to let you delay the challenge (call FinalizeDomain when the challenge is ready; the event will be fired again and then you can set Processed to True)
This repository contains the full source code of the demo application for the CLOSED SOURCE component TExecuteACME.
You'll find the compiled Execute.ACME.dcu unit (only for Tokyo 10.2.3) in the lib folder and the Interface part of the Unit in Execute.ACME.Interface.pas.
This component is NOT FREE !
You have to register a licence to use it in any commercial product.
You are NOT allowed to use this component to register a commercial website certificate without a registered licence.
You can buy the component source code for 50€ per developer up to 200€ (site licence).
The licence includes minor version updates indefinitely and major version updates for 1 year from the date of purchase.
If I sell 100 licences (5.000€), the component will be released under GPL :)
Even then you'll still be able to buy a commercial licence for my part of the component.
Feedback is welcome.