PHPackages                             orangecam/acme2letsencrypt - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. orangecam/acme2letsencrypt

ActiveLibrary[Security](/categories/security)

orangecam/acme2letsencrypt
==========================

A PHP client for acme protocol (version 2) implementation, used to get letsencrypt's ssl certificates.

v1.0.11(1w ago)043MITPHPPHP &gt;=8.1

Since Apr 24Pushed 1mo ago1 watchersCompare

[ Source](https://github.com/orangecam/acme2letsencrypt)[ Packagist](https://packagist.org/packages/orangecam/acme2letsencrypt)[ RSS](/packages/orangecam-acme2letsencrypt/feed)WikiDiscussions master Synced today

READMEChangelog (10)Dependencies (4)Versions (13)Used By (0)

Let's Encrypt ACME2 project
===========================

[](#lets-encrypt-acme2-project)

A PHP client for acme protocal (version 2) implementation, used to get let's encrypt ssl certificates. Support for both RSA and ECDSA certificates is supported. The code will not set the challenge file or DNS record for you, you must handle these manually.

> This project was forked from () and fully upgraded to use guzzlehttp/guzzle package as the http request handler. It also fixes deprecations from newer versions of php, specifically php 8. This project fully supports php 8.1 and assumes that since all the deprecations are fixed, it will work with php 9 as well when it is released. This project is only compatibile with php 8.1 or newer as of April 2025.

1. Current Version
------------------

[](#1-current-version)

The current version is `1.0.10`.

2. Prerequisites
----------------

[](#2-prerequisites)

This project works with PHP-8.1.0 or higher. You must install PHP and ext-curl, ext-openssl, and ext-json. Guzzle requires json, and intl for Internationalized Domain Name (IDN) support.

3. Install
----------

[](#3-install)

Install requires executing `/usr/bin/php composer.phar require orangecam/acme2letsencrypt`.

4. Usage
--------

[](#4-usage)

The basic methods and its necessary arguments are shown here. An example is supplied in the file [exampleRunScript.php](https://github.com/orangecam/acme2letsencrypt/blob/master/exampleRunScript.php).

#### 4.1. Initial setup

[](#41-initial-setup)

```
//Pull in the ClientRequest to use it
use orangecam\acme2letsencrypt\ClientRequest;

// Email list as contact info
$emailList = ['alert@example.com'];
// Account data and certificates files will be stored here
$sslDir = '/var/www/ssl/';
// Hostname without the TLD ***not*** to include the '.' (dot)
$name = 'example';
// TLD here, for example 'com' ***not*** to include the '.' (dot)
$topLevelDomain = 'com';
// Using stage environment or not, make sure to empty $sslDir directory after you change from staging/test server to the real one
$useStagingUrl = FALSE;
// Initiating a client
$client = new ClientRequest(
	$emailList,
	$sslDir.$name.'_'.$topLevelDomain,
	$useStagingUrl
);
```

After `ClientRequest` had been initiated, a Let's Encrypt account will be created and the account data will be placed in ` $sslDir.$name.'_'.$topLevelDomain`. When you reinitialize the client, the account will not be created again.

#### 4.2. Account Management

[](#42-account-management)

```
// Get account service instance
$account = $client->getAccount();
//-----------------------------------
// Update account contact info with an email list
$account->updateAccountContact($emailList);
//-----------------------------------
// Regenerate private/public key pair，the old will be replaced by the new
$account->updateAccountKey();
//-----------------------------------
// Deactive the account
$account->deactivateAccount();
```

#### 4.3. Order

[](#43-order)

These methods bellow are mainly used for generating certificates.

```
//Pull in the ConstantVariables to use it in the code below
use orangecam\acme2letsencrypt\constants\ConstantVariables;

/* Domains and challenges info for a single certificate with multiple SAN: abc.example.com, *.example.com and example.com */
$domainInfo = [
	ConstantVariables::CHALLENGE_TYPE_HTTP => [
		//WILDCARD certs not allowed on HTTP challenge type
		'example.com',
		'www.example.com',
	],
];
//----------OR----------
$domainInfo = [
	ConstantVariables::CHALLENGE_TYPE_DNS => [
		'example.com',
		'*.example.com',
	],
];
// Generate RSA certificates, `ConstantVariables::KEY_PAIR_TYPE_EC` for ECDSA certificates
$algorithm = ConstantVariables::KEY_PAIR_TYPE_RSA;
// Get an order service instance
$order = $client->getOrder($domainInfo, $algorithm, TRUE);
```

```
//The prototype of method `getOrder()` is shown below:
public function getOrder(array $domainInfo, int $algorithm, bool $generateNewOder = TRUE): OrderService
```

The third param `$generateNewOder` controls whether a new order need to be generated. When `$generateNewOder == TRUE`, all files under original certificates directory will be removed in order to generate new certificates; When `$generateNewOder == FALSE`, it will return an existing order service instance used to revoke certificates generally.

#### 4.4. Challenge

[](#44-challenge)

```
// Get all authorization challenges for domains
$challengeList = $order->getPendingChallengeList();
//Loop through the list
foreach($challengeList as $challenge) {
	//Get the credentials
	$credential = $challenge->getCredential();
	//Get the type
	$type = $challenge->getType();

	//****Push the $credentials to the right place. HTTP-01 or DNS-01

	//Infinite loop until the authorization status becomes valid or timeout has been reached
	$challenge->verify(700, 700);
}
// Get certificates, such as certificates path, private/public key pair path, valid time
$order->getCertificateFile();
// Revoke certificates, the certificaes ara unavailable after revoked
$order->revokeCertificate($reason);
```

```
//The prototype of method `verify()` is shown below:
public function verify(int $verifyLocallyTimeout = 0, int $verifyCATimeout = 0): bool
```

- The first param `$verifyLocallyTimeout` stands for the timeout of local verification. Default value 0 won't trigger time-out mechanism.
- The second param `$verifyCATimeout` stand for the timeout of Let's Encrypt verification. Default value 0 won't trigger time-out mechanism.

5. Domain Verification
----------------------

[](#5-domain-verification)

When generating a certificate, Let's Encrypt needs to verify the ownership and validity of the domain. There are two types of verification: http-01, dns-01. In the following, we take `example.com` as an example.

#### 5.1. http-01

[](#51-http-01)

Let's Encrypt will access a specific file under web server to verify domain. The `$challenge` info is like bellow.

```
print_r($challenge->getType());
/* output */
'http-01'

print_r($challenge->getCredential());
/* output */
[
	'identifier' => 'example.com',
	'fileName' => 'RzMY-HDa1P0DwZalmRyB7wLBNI8fb11LkxdXzNrhA1Y',
	'fileContent' => 'RzMY-HDa1P0DwZalmRyB7wLBNI8fb11LkxdXzNrhA1Y.CNWZAGtAHIUpstBEckq9W_-0ZKxO-IbxF9Y8J_svbqo',
];
```

With the above `$challenge` info, Let's Encrypt will access "", and the file content will be expected as "RzMY-HDa1P0DwZalmRyB7wLBNI8fb11LkxdXzNrhA1Y.CNWZAGtAHIUpstBEckq9W\_-0ZKxO-IbxF9Y8J\_svbqo".

#### 5.2. dns-01

[](#52-dns-01)

You should add a DNS TXT record for domain, Let's Encrypt will check domain's specific TXT record value for verification. As this time, the `$challenge` info is like bellow.

```
print_r($challenge->getType());
/* output */
'dns-01'

print_r($challenge->getCredential());
/* output */
[
	'identifier' => 'example.com',
	'dnsContent' => 'xQwerUEsL8UVc6tIahwIVY4e8N5MAf1xhyY20AELurk',
];
```

With the aboved `$challenge` info, you should add a TXT record for domain `example.com`, the record name should be "\_acme-challenge.example.com", the record value should be "xQwerUEsL8UVc6tIahwIVY4e8N5MAf1xhyY20AELurk". It's worth noting that you should set TTL as short as possible to let the record take effect as soon as possible.

#### 5.3. Wildcard domain verification

[](#53-wildcard-domain-verification)

This tool supports generating certificates for wildcard domains. A wildcard domain, like `*.example.com`, will be verified as `example.com`, this means the DNS record name should be `_acme-challenge.example.com`. Here is a simple summary for dns-01 challenges about domain and DNS record.

DomainDNS record nameTypeTTLDNS record value(just examples)example.com\_acme-challenge.example.comTXT60xQwerUEsL8UVc6tIahwIVY4e8N5MAf1xhyY20AELurk\*.example.com\_acme-challenge.example.comTXT60G2dOkzSjW3ohib5doPRDrz5a5l8JB1qU8CxURtzF7aE7. Full example
---------------

[](#7-full-example)

Project supplies a [full example](https://github.com/orangecam/acme2letsencrypt/blob/master/exampleRunScript.php).

8. Finish
---------

[](#8-finish)

I hope you find this project useful to you and allows you to automate the generating of ssl certs on your own website.

###  Health Score

42

—

FairBetter than 88% of packages

Maintenance89

Actively maintained with recent releases

Popularity9

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity53

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~38 days

Recently: every ~24 days

Total

12

Last Release

8d ago

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/15823284?v=4)[Cameron Brown](/maintainers/orangecam)[@orangecam](https://github.com/orangecam)

---

Top Contributors

[![orangecam](https://avatars.githubusercontent.com/u/15823284?v=4)](https://github.com/orangecam "orangecam (39 commits)")

### Embed Badge

![Health badge](/badges/orangecam-acme2letsencrypt/health.svg)

```
[![Health](https://phpackages.com/badges/orangecam-acme2letsencrypt/health.svg)](https://phpackages.com/packages/orangecam-acme2letsencrypt)
```

###  Alternatives

[aws/aws-sdk-php

AWS SDK for PHP - Use Amazon Web Services in your PHP project

6.3k543.5M2.6k](/packages/aws-aws-sdk-php)[neuron-core/neuron-ai

The PHP Agentic Framework.

2.0k656.1k38](/packages/neuron-core-neuron-ai)[tencentcloud/tencentcloud-sdk-php

TencentCloudApi php sdk

3741.3M47](/packages/tencentcloud-tencentcloud-sdk-php)[tempest/framework

The PHP framework that gets out of your way.

2.2k34.4k15](/packages/tempest-framework)[eslazarev/wildberries-sdk

Wildberries OpenAPI clients (generated).

273.0k](/packages/eslazarev-wildberries-sdk)[files.com/files-php-sdk

Files.com PHP SDK

2481.1k](/packages/filescom-files-php-sdk)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
