cisza
A simple command-line tool to get free SSL/TLS certificates from Let's Encrypt for your websites.
cisza means "silence" in Polish - because managing certificates should be silent and effortless.
Requirements
- Port 80 must be accessible from the internet
- Root/sudo access (to bind to port 80)
- Valid DNS records pointing to your server
- Go 1.24+ (for building from source)
Features
- Get free SSL certificates for one or multiple domains
- Check certificate expiration dates
- Renew certificates with a single command
- Support for both RSA and ECDSA keys
- Test with staging environment before going live
Installation
```bash
go install github.com/lechgu/cisza@latest
```
Or build from source:
```bash
git clone https://github.com/lechgu/cisza.git
cd cisza
make build
```
Quick Start
1. Initialize Configuration
```bash
cisza init --email your@email.com
```
This creates a .cisza/ directory containing your ACME account key and configuration. Use the --staging flag to test against the Let's Encrypt staging environment.
2. Issue a Certificate
```bash
sudo cisza issue --dir example.com --dns example.com --dns www.example.com
```
This creates a certificate directory with cert.pem and key.pem files, ready to use with your web server.
3. Inspect Certificate
```bash
cisza inspect --dir example.com
```
Shows certificate details including expiration date, DNS names, key information, and validity status.
4. Renew Certificate
```bash
sudo cisza renew --dir example.com
```
Reads the existing certificate, extracts DNS names, and reissues the certificate.
Common Use Cases
Single Domain Certificate
```bash
sudo cisza issue --dir mysite.com --dns mysite.com
```
Multi-Domain Certificate (SAN)
```bash
sudo cisza issue --dir myapp --dns app.example.com --dns api.example.com --dns www.example.com
```
Testing with Staging Environment
```bash
cisza init --email test@example.com --staging
sudo cisza issue --dir test-cert --dns test.example.com
```
Renewal via Cron
Add to crontab to renew certificates monthly:
```
# Renew certificate on the 1st of each month at 3 AM
0 3 1 * * sudo /path/to/cisza renew --dir /path/to/cert
```
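An added example (not code from the cisza project): a Go sketch of the check that the inspect and renew steps describe, reading a certificate's expiry date and DNS names to decide whether renewal is due. The function names, the 30-day window, and the self-signed sample certificate are assumptions constructed for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// renewalDue parses a PEM certificate such as cert.pem and reports whether it
// expires within window of now, along with the DNS names (SANs) it covers.
func renewalDue(certPEM []byte, now time.Time, window time.Duration) (bool, []string, error) {
	block, _ := pem.Decode(certPEM)
	if block == nil || block.Type != "CERTIFICATE" {
		return false, nil, errors.New("no CERTIFICATE PEM block found")
	}
	cert, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		return false, nil, err
	}
	return !now.Add(window).Before(cert.NotAfter), cert.DNSNames, nil
}

// constructedCert returns a throwaway self-signed certificate (sample input
// constructed for this example, not issued by Let's Encrypt).
func constructedCert(notAfter time.Time, names ...string) []byte {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: names,
		NotBefore: notAfter.Add(-90 * 24 * time.Hour), NotAfter: notAfter}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}

func main() {
	now, day := time.Now(), 24*time.Hour
	sample := constructedCert(now.Add(20*day), "example.com", "www.example.com")
	due, names, err := renewalDue(sample, now, 30*day)
	fmt.Println(due, names, err) // true [example.com www.example.com] <nil>
}
```

In a monitoring job, pass the bytes of the real cert.pem to renewalDue and alert when it returns true after the scheduled renewal should already have run.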
Force Certificate Reissue
```bash
sudo cisza issue --dir example.com --dns example.com --force
```
The --force flag overwrites existing certificates in the directory.
Configuration
Default configuration file: .cisza/config.yaml
```yaml
email: your@email.com
directory_url: https://acme-v02.api.letsencrypt.org/directory
key_type: rsa
rsa_key_size: 2048
```
Additional configuration options are available for ECDSA curves and other settings.
License
BSD 3-Clause License - see LICENSE for details.
Contributing
Contributions welcome! Please open an issue or submit a pull request.