Decorative site banner
Project icon

com.io7m.certusine

  • About
  • Releases
  • Manual
  • Sources
  • License
  • Issues
Maven Central Version Maven Snapshot Code Coverage

certusine

The certusine package provides an ACME client.

Features

  • Uses acme4j internally for strong RFC compliance.
  • Exclusively uses the DNS-01 ACME challenge type for ease of integration with infrastructure without having to set up insecure web servers.
  • A small, easily auditable codebase with a heavy use of modularity for correctness.
  • Exposes a service provider API for integrating with new DNS APIs.
  • Exposes a service provider API for implementing new types of certificate outputs.
  • Supports Hetzner DNS.
  • Supports Vultr DNS.
  • Supports Gandi LiveDNS.
  • Supports writing certificates to looseleaf servers.
  • Heavily instrumented with OpenTelemetry for reliable service monitoring.
  • An extensive automated test suite with high coverage.
  • A small footprint; the client is designed to run in tiny 16-32mb JVM heap configurations.
  • Platform independence. No platform-dependent code is included in any form, and installations can largely be carried between platforms without changes.
  • OSGi-ready.
  • JPMS-ready.
  • ISC license.

Usage

See the documentation.

Releases & Development Snapshots

Releases

You can subscribe to the atom feed to be notified of project releases.

The most recently released version of the package is 3.2.0.

3.2.0 Release (2025-04-30Z)

  • Update org.junit:junit-bom:5.10.2 → 5.10.3.
  • Update jetty.version:11.0.21 → 11.0.22.
  • Update jackson.version:2.17.1 → 2.17.2.
  • Update io.opentelemetry:opentelemetry-bom:1.39.0 → 1.40.0.
  • Update io.opentelemetry:opentelemetry-sdk-logs:1.39.0 → 1.40.0.
  • Update net.byte-buddy.version:1.14.17 → 1.14.18.
  • Update org.jetbrains.kotlin:kotlin-stdlib:1.9.24 → 1.9.25.
  • Update dnsjava:dnsjava:3.5.3 → 3.6.0.
  • Update dnsjava:dnsjava:3.6.0 → 3.6.1.
  • Update org.xerial:sqlite-jdbc:3.46.0.0 → 3.46.0.1.
  • Update org.slf4j:slf4j-api:2.0.13 → 2.0.14.
  • Update org.slf4j:slf4j-api:2.0.14 → 2.0.15.
  • Update io.opentelemetry:opentelemetry-bom:1.40.0 → 1.41.0.
  • Update io.opentelemetry:opentelemetry-sdk-logs:1.40.0 → 1.41.0.
  • Update com.h2database:h2-mvstore:2.2.224 → 2.3.232.
  • Update org.slf4j:slf4j-api:2.0.15 → 2.0.16.
  • Update org.junit:junit-bom:5.10.3 → 5.11.0.
  • Update logback.version:1.5.6 → 1.5.7.
  • Update net.byte-buddy.version:1.14.18 → 1.14.19.
  • Update org.xerial:sqlite-jdbc:3.46.0.1 → 3.46.1.0.
  • Update jetty.version:11.0.22 → 11.0.23.
  • Update net.byte-buddy.version:1.14.19 → 1.15.0.
  • Update org.mockito:mockito-core:5.12.0 → 5.13.0.
  • Update net.byte-buddy.version:1.15.0 → 1.15.1.
  • Update jetty.version:11.0.23 → 11.0.24.
  • Update logback.version:1.5.7 → 1.5.8.
  • Update io.opentelemetry:opentelemetry-sdk-logs:1.41.0 → 1.42.0.
  • Update io.opentelemetry:opentelemetry-bom:1.41.0 → 1.42.0.
  • Update io.opentelemetry:opentelemetry-sdk-logs:1.42.0 → 1.42.1.
  • Update io.opentelemetry:opentelemetry-bom:1.42.0 → 1.42.1.
  • Update com.squareup.okio:okio-jvm:3.9.0 → 3.9.1.
  • Update com.io7m.jproperties:com.io7m.jproperties.core:3.2.0 → 4.0.0.
  • Update com.io7m.looseleaf.version:1.1.0 → 2.0.0.
  • Update com.io7m.dixmont:com.io7m.dixmont.core:1.0.0 → 2.0.0.
  • Update com.io7m.trasco.version:1.1.0 → 2.0.0.
  • Update com.io7m.trasco.version:2.0.0 → 2.0.1.
  • Update dnsjava:dnsjava:3.6.1 → 3.6.2.
  • Update net.byte-buddy.version:1.15.1 → 1.15.2.
  • Update org.xerial:sqlite-jdbc:3.46.1.0 → 3.46.1.2.
  • Update net.byte-buddy.version:1.15.2 → 1.15.3.
  • Update org.junit:junit-bom:5.11.0 → 5.11.1.
  • Update org.xerial:sqlite-jdbc:3.46.1.2 → 3.46.1.3.
  • Update jackson.version:2.17.2 → 2.18.0.
  • Update org.mockito:mockito-core:5.13.0 → 5.14.0.
  • Update org.mockito:mockito-core:5.14.0 → 5.14.1.
  • Update org.junit:junit-bom:5.11.1 → 5.11.2.
  • Update logback.version:1.5.8 → 1.5.9.
  • Update net.byte-buddy.version:1.15.3 → 1.15.4.
  • Update io.opentelemetry:opentelemetry-bom:1.42.1 → 1.43.0.
  • Update io.opentelemetry:opentelemetry-sdk-logs:1.42.1 → 1.43.0.
  • Update logback.version:1.5.9 → 1.5.10.
  • Update org.mockito:mockito-core:5.14.1 → 5.14.2.
  • Update logback.version:1.5.10 → 1.5.11.
  • Update net.byte-buddy.version:1.15.4 → 1.15.5.
  • Update org.junit:junit-bom:5.11.2 → 5.11.3.
  • Update net.byte-buddy.version:1.15.5 → 1.15.7.
  • Update org.xerial:sqlite-jdbc:3.46.1.3 → 3.47.0.0.
  • Update logback.version:1.5.11 → 1.5.12.
  • Update jackson.version:2.18.0 → 2.18.1.
  • Update bouncycastle.version:1.78.1 → 1.79.
  • Update net.byte-buddy.version:1.15.7 → 1.15.8.
  • Update net.byte-buddy.version:1.15.8 → 1.15.10.
  • Update io.opentelemetry:opentelemetry-sdk-logs:1.43.0 → 1.44.0.
  • Update io.opentelemetry:opentelemetry-bom:1.43.0 → 1.44.0.
  • Update io.opentelemetry:opentelemetry-bom:1.44.0 → 1.44.1.
  • Update io.opentelemetry:opentelemetry-sdk-logs:1.44.0 → 1.44.1.
  • Improve telemetry. (Tickets: 136, 137)
  • Handle Vultr DNS API changes. (Tickets: 138)
  • Update org.xerial:sqlite-jdbc:3.47.0.0 → 3.47.1.0.
  • Update jackson.version:2.18.1 → 2.18.2.
  • Update io.opentelemetry:opentelemetry-sdk-logs:1.44.1 → 1.45.0.
  • Update io.opentelemetry:opentelemetry-bom:1.44.1 → 1.45.0.
  • Update net.byte-buddy.version:1.15.10 → 1.15.11.
  • Update org.junit:junit-bom:5.11.3 → 5.11.4.
  • Update logback.version:1.5.12 → 1.5.13.
  • Update logback.version:1.5.13 → 1.5.14.
  • Update logback.version:1.5.14 → 1.5.15.
  • Update org.mockito:mockito-core:5.14.2 → 5.15.2.
  • Update org.xerial:sqlite-jdbc:3.47.1.0 → 3.47.2.0.
  • Update logback.version:1.5.15 → 1.5.16.
  • Update com.squareup.okio:okio-jvm:3.9.1 → 3.10.1.
  • Update com.squareup.okio:okio-jvm:3.10.1 → 3.10.2.
  • Update io.opentelemetry:opentelemetry-sdk-logs:1.45.0 → 1.46.0.
  • Update bouncycastle.version:1.79 → 1.80.
  • Update codecov/codecov-action:5.1.2 → 5.3.1.
  • Update net.byte-buddy.version:1.15.11 → 1.17.0.
  • Update dnsjava:dnsjava:3.6.2 → 3.6.3.
  • Update io.opentelemetry:opentelemetry-bom:1.45.0 → 1.46.0.
  • Update logback.version:1.5.16 → 1.5.17.
  • Update jackson.version:2.18.2 → 2.18.3.
  • Update org.junit:junit-bom:5.11.4 → 5.12.0.
  • Upgrade to acme4j 3.5.1.
  • Upgrade to trasco 3.0.0.
  • Update io.opentelemetry:opentelemetry-bom:1.46.0 → 1.47.0.
  • Update net.byte-buddy.version:1.17.0 → 1.17.1.
  • Update io.opentelemetry:opentelemetry-sdk-logs:1.46.0 → 1.48.0.
  • Update org.xerial:sqlite-jdbc:3.47.2.0 → 3.49.1.0.
  • Update org.junit:junit-bom:5.12.0 → 5.12.1.
  • Update jetty.version:11.0.24 → 11.0.25.
  • Update org.slf4j:slf4j-api:2.0.16 → 2.0.17.
  • Update org.codehaus.mojo:jaxb2-maven-plugin:3.2.0 → 3.3.0.
  • Update net.byte-buddy.version:1.17.4 → 1.17.5.
  • Update logback.version:1.5.17 → 1.5.18.
  • Disable DNS cache. (Tickets: 185)
  • Use SOA queries instead of NS queries to find name servers.

The compiled artifacts for the release (and all previous releases) are available on Maven Central.

Maven Modules

<dependency> <group>com.io7m.certusine</group> <artifactId>com.io7m.certusine.api</artifactId> <version>3.2.0</version> </dependency><dependency> <group>com.io7m.certusine</group> <artifactId>com.io7m.certusine.certstore.api</artifactId> <version>3.2.0</version> </dependency><dependency> <group>com.io7m.certusine</group> <artifactId>com.io7m.certusine.cmdline</artifactId> <version>3.2.0</version> </dependency><dependency> <group>com.io7m.certusine</group> <artifactId>com.io7m.certusine.documentation</artifactId> <version>3.2.0</version> </dependency><dependency> <group>com.io7m.certusine</group> <artifactId>com.io7m.certusine.gandi</artifactId> <version>3.2.0</version> </dependency><dependency> <group>com.io7m.certusine</group> <artifactId>com.io7m.certusine.grafana</artifactId> <version>3.2.0</version> </dependency><dependency> <group>com.io7m.certusine</group> <artifactId>com.io7m.certusine.hetzner</artifactId> <version>3.2.0</version> </dependency><dependency> <group>com.io7m.certusine</group> <artifactId>com.io7m.certusine.looseleaf</artifactId> <version>3.2.0</version> </dependency><dependency> <group>com.io7m.certusine</group> <artifactId>com.io7m.certusine.oci</artifactId> <version>3.2.0</version> </dependency><dependency> <group>com.io7m.certusine</group> <artifactId>com.io7m.certusine.tests</artifactId> <version>3.2.0</version> </dependency><dependency> <group>com.io7m.certusine</group> <artifactId>com.io7m.certusine.vanilla</artifactId> <version>3.2.0</version> </dependency><dependency> <group>com.io7m.certusine</group> <artifactId>com.io7m.certusine.vultr</artifactId> <version>3.2.0</version> </dependency>

Previous Releases

The changelogs for the most recent previous releases are as follows:

3.1.0 Release (2024-06-10Z)

  • Update logback.version:1.5.3 → 1.5.6.
  • Update jackson.version:2.16.1 → 2.17.0.
  • Update net.bytebuddy:byte-buddy-agent:1.14.12 → 1.14.13.
  • Update io.opentelemetry:opentelemetry-sdk-logs:1.36.0 → 1.37.0.
  • Upgrade io.opentelemetry:opentelemetry-bom 1.36.0 → 1.37.0
  • Upgrade io.opentelemetry:opentelemetry-sdk-logs 1.36.0 → 1.37.0
  • Upgrade jackson.version 2.16.1 → 2.17.0
  • Upgrade logback.version 1.5.3 → 1.5.6
  • Upgrade net.bytebuddy:byte-buddy-agent 1.14.12 → 1.14.13
  • Update org.mockito:mockito-core 5.9.0 → 5.11.0.
  • Update net.bytebuddy:byte-buddy-agent 1.14.11 → 1.14.12.
  • Update net.bytebuddy:byte-buddy 1.14.11 → 1.14.12.
  • Update org.slf4j:slf4j-api 2.0.11 → 2.0.12.
  • Update jakarta.xml.bind:jakarta.xml.bind-api 4.0.1 → 4.0.2.
  • Update com.sun.xml.bind:jaxb-impl 4.0.4 → 4.0.5.
  • Update org.xerial:sqlite-jdbc 3.43.2.2 → 3.45.1.0.
  • Update io.opentelemetry:opentelemetry-sdk-logs 1.34.1 → 1.36.0.
  • Update org.jetbrains.kotlin:kotlin-stdlib 1.9.22 → 1.9.23.
  • Update com.squareup.okio:okio-jvm 3.7.0 → 3.8.0.
  • Update org.eclipse.jetty:jetty-http 11.0.19 → 11.0.20.
  • Update org.eclipse.jetty:jetty-jmx 11.0.19 → 11.0.20.
  • Update org.eclipse.jetty:jetty-server 11.0.19 → 11.0.20.
  • Update org.eclipse.jetty:jetty-servlet 11.0.19 → 11.0.20.
  • Update org.eclipse.jetty:jetty-util 11.0.19 → 11.0.20.
  • Update io.opentelemetry:opentelemetry-bom 1.34.1 → 1.36.0.
  • Update com.io7m.quarrel:com.io7m.quarrel.core 1.5.0 → 1.6.0.
  • Update com.io7m.quarrel:com.io7m.quarrel.ext.logback 1.5.0 → 1.6.0.
  • Update org.junit.jupiter:junit-jupiter-api 5.10.1 → 5.10.2.
  • Update org.junit.jupiter:junit-jupiter-engine 5.10.1 → 5.10.2.
  • Update ch.qos.logback:logback-classic 1.4.14 → 1.5.3.
  • Update ch.qos.logback:logback-core 1.4.14 → 1.5.3.
  • Update io.opentelemetry:opentelemetry-bom:1.36.0 → 1.37.0.
  • Update org.slf4j:slf4j-api:2.0.12 → 2.0.13.
  • Update bouncycastle.version:1.77 → 1.78.1.
  • Update com.squareup.okio:okio-jvm:3.8.0 → 3.9.0.
  • Update org.codehaus.mojo:jaxb2-maven-plugin:3.1.0 → 3.2.0.
  • Update com.io7m.quixote:com.io7m.quixote.core:1.1.0 → 1.2.0.
  • Update net.bytebuddy:byte-buddy:1.14.12 → 1.14.14.
  • Update org.xerial:sqlite-jdbc:3.45.1.0 → 3.45.3.0.
  • Update com.io7m.jmulticlose:com.io7m.jmulticlose.core:1.1.0 → 1.1.2.
  • Update net.bytebuddy:byte-buddy-agent:1.14.13 → 1.14.14.
  • Update com.io7m.jdeferthrow:com.io7m.jdeferthrow.core:1.2.0 → 1.3.0.
  • Update com.io7m.jaffirm:com.io7m.jaffirm.core:4.0.0 → 4.0.1.
  • Update jackson.version:2.17.0 → 2.17.1.
  • Update org.jetbrains.kotlin:kotlin-stdlib:1.9.23 → 1.9.24.
  • Update com.io7m.jlexing:com.io7m.jlexing.core:3.1.0 → 3.2.0.
  • Update net.bytebuddy:byte-buddy:1.14.14 → 1.14.15.
  • Update net.bytebuddy:byte-buddy-agent:1.14.14 → 1.14.15.
  • Update com.io7m.quixote:com.io7m.quixote.core:1.2.0 → 1.3.0.
  • Update com.io7m.quarrel.version:1.6.0 → 1.6.1.
  • Update io.opentelemetry:opentelemetry-bom:1.37.0 → 1.38.0.
  • Update com.io7m.jmulticlose:com.io7m.jmulticlose.core:1.1.2 → 1.1.3.
  • Update com.io7m.anethum:com.io7m.anethum.api:1.1.0 → 1.1.1.
  • Update com.io7m.jeucreader:com.io7m.jeucreader.core:3.0.0 → 3.0.1.
  • Update com.io7m.jxtrand:com.io7m.jxtrand.vanilla:2.0.0 → 2.1.0.
  • Update org.mockito:mockito-core:5.11.0 → 5.12.0.
  • Update com.io7m.repetoir:com.io7m.repetoir.core:1.0.0 → 1.0.1.
  • Update io.opentelemetry:opentelemetry-sdk-logs:1.37.0 → 1.38.0.
  • Update jetty.version:11.0.20 → 11.0.21.
  • Logging was stuck at trace level. (Tickets: 50)
  • Update net.bytebuddy:byte-buddy-agent:1.14.15 → 1.14.16.
  • Update net.bytebuddy:byte-buddy:1.14.15 → 1.14.16.
  • Update org.xerial:sqlite-jdbc:3.45.3.0 → 3.46.0.0.
  • Gandi.net now requires Personal Access Tokens instead of API keys. (Backwards incompatible) (Tickets: 55)
  • Update net.byte-buddy.version:1.14.16 → 1.14.17.
  • Properly implement Vultr DNS record deletion.
  • Update io.opentelemetry:opentelemetry-sdk-logs:1.38.0 → 1.39.0.
  • Update io.opentelemetry:opentelemetry-bom:1.38.0 → 1.39.0.

3.0.0 Release (2024-03-09Z)

  • Update com.io7m.jmulticlose:com.io7m.jmulticlose.core 1.0.0 → 1.1.0.
  • Update org.mockito:mockito-core 5.4.0 → 5.8.0.
  • Update net.bytebuddy:byte-buddy-agent 1.14.5 → 1.14.11.
  • Update net.bytebuddy:byte-buddy 1.14.5 → 1.14.11.
  • Update org.slf4j:slf4j-api 2.0.7 → 2.0.10.
  • Update dnsjava:dnsjava 3.5.2 → 3.5.3.
  • Update com.h2database:h2-mvstore 2.1.214 → 2.2.224.
  • Update jakarta.xml.bind:jakarta.xml.bind-api 4.0.0 → 4.0.1.
  • Update com.sun.xml.bind:jaxb-impl 4.0.3 → 4.0.4.
  • Update com.io7m.quixote:com.io7m.quixote.core 1.0.0 → 1.1.0.
  • Update io.opentelemetry:opentelemetry-sdk-logs 1.27.0 → 1.33.0.
  • Update org.jetbrains.kotlin:kotlin-stdlib 1.8.22 → 1.9.22.
  • Update com.squareup.okio:okio-jvm 3.3.0 → 3.7.0.
  • Update org.eclipse.jetty:jetty-http 11.0.15 → 11.0.19.
  • Update org.eclipse.jetty:jetty-jmx 11.0.15 → 11.0.19.
  • Update org.eclipse.jetty:jetty-server 11.0.15 → 11.0.19.
  • Update org.eclipse.jetty:jetty-servlet 11.0.15 → 11.0.19.
  • Update org.eclipse.jetty:jetty-util 11.0.15 → 11.0.19.
  • Update com.fasterxml.jackson.core:jackson-annotations 2.15.2 → 2.16.1.
  • Update com.fasterxml.jackson.core:jackson-core 2.15.2 → 2.16.1.
  • Update com.fasterxml.jackson.core:jackson-databind 2.15.2 → 2.16.1.
  • Update io.opentelemetry:opentelemetry-bom 1.27.0 → 1.33.0.
  • Update com.io7m.quarrel:com.io7m.quarrel.core 1.2.0 → 1.4.0.
  • Update com.io7m.quarrel:com.io7m.quarrel.ext.logback 1.2.0 → 1.4.0.
  • Update org.junit.jupiter:junit-jupiter-api 5.9.3 → 5.10.1.
  • Update org.junit.jupiter:junit-jupiter-engine 5.9.3 → 5.10.1.
  • Update ch.qos.logback:logback-classic 1.4.8 → 1.4.14.
  • Update ch.qos.logback:logback-core 1.4.8 → 1.4.14.
  • Update org.bouncycastle:bcpkix-jdk18on 1.75 → 1.77.
  • Update org.bouncycastle:bcprov-jdk18on 1.75 → 1.77.
  • Update org.bouncycastle:bcutil-jdk18on 1.75 → 1.77.
  • Update com.io7m.anethum:com.io7m.anethum.api 1.0.0 → 1.1.0.
  • Update org.mockito:mockito-core 5.8.0 → 5.9.0.
  • Update org.slf4j:slf4j-api 2.0.10 → 2.0.11.
  • Update io.opentelemetry:opentelemetry-sdk-logs 1.33.0 → 1.34.1.
  • Update io.opentelemetry:opentelemetry-bom 1.33.0 → 1.34.1.
  • Update com.io7m.quarrel:com.io7m.quarrel.core 1.4.0 → 1.5.0.
  • Update com.io7m.quarrel:com.io7m.quarrel.ext.logback 1.4.0 → 1.5.0.
  • Require JDK 21 (Backwards incompatible)
  • Drop MVStore in favour of SQLite. Note: This is a breaking change and will require the manual deletion of the store. (Backwards incompatible) (Tickets: 13)

2.0.0 Release (2023-06-12Z)

  • Fix some documentation issues.
  • More aggressively log exceptions in telemetry traces, and set the trace error status more often.
  • Large internal refactoring for better telemetry reporting. (Backwards incompatible)
  • Fix numerous documentation issues.

1.1.0 Release (2023-06-11Z)

  • Fix a packaging issue that prevented application startup with metrics enabled.

Development Snapshots

At the time of writing, the current unstable development version of the package is 4.0.0-SNAPSHOT.

Development snapshots may be available in the Central Portal Snapshots repository. Snapshots are published to this repository every time the project is built by the project's continuous integration system, but snapshots do expire after around ninety days and so may or may not be available depending on when a build of the package was last triggered.

Manual

User Manual

  • XHTML - One page per section
  • XHTML - Single page

Sources

This project uses Git to manage source code.

Repository: https://www.github.com/io7m-com/certusine

$ git clone --recursive https://www.github.com/io7m-com/certusine

Issues

This project uses GitHub Issues to track issues.

License

Copyright © 2023 Mark Raynsford <code@io7m.com> https://www.io7m.com Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

Last Updated 2025-08-15T13:52:41Z