Sync Client¶

lacme.sync ¶

Synchronous wrapper around the async :class:~lacme.client.Client.

Provides :class:SyncClient, a blocking interface that delegates every operation to the async Client through a managed event loop.

SyncChallengeHandler ¶

Bases: Protocol

Synchronous protocol for ACME challenge provisioning and cleanup.

deprovision ¶

deprovision(domain: str, token: str) -> None

Remove the challenge response after validation completes.

provision ¶

provision(domain: str, token: str, key_authorization: str) -> None

Make the challenge response available for validation.

SyncClient ¶

Synchronous ACME v2 client.

Wraps the async :class:~lacme.client.Client and exposes every public method as a blocking call.

Usage::

with SyncClient(directory_url="...", account_key=key) as client:
    cert = client.issue(["example.com"])

check_rate_limits ¶

check_rate_limits(domains: str | list[str]) -> RateLimitStatus

Check if issuing for domains would exceed rate limits.

close ¶

close() -> None

Close the underlying async client and event loop.

create_account ¶

create_account(*, contact: list[str] | None = None, terms_of_service_agreed: bool = True, only_return_existing: bool = False, eab_kid: str | None = None, eab_hmac_key: str | None = None) -> Account

Create or find an existing ACME account.

create_authorization ¶

create_authorization(identifier_value: str, *, identifier_type: IdentifierType = IdentifierType.DNS) -> Authorization

Create a pre-authorization for an identifier.

create_order ¶

create_order(domains: str | list[str], *, not_before: str | None = None, not_after: str | None = None) -> Order

Create a new certificate order.

deactivate_account ¶

deactivate_account() -> Account

Deactivate the current account.

directory ¶

directory() -> Directory

Fetch and cache the ACME directory.

download_certificate ¶

download_certificate(url: str) -> str

Download the certificate chain via POST-as-GET.

finalize_order ¶

finalize_order(order: Order, csr_der: bytes) -> Order

Submit the CSR to finalize the order.

get_authorization ¶

get_authorization(url: str) -> Authorization

Fetch an authorization via POST-as-GET.

get_authorizations ¶

get_authorizations(order: Order) -> list[Authorization]

Fetch all authorizations for an order.

issue ¶

issue(domains: str | list[str], *, challenge_type: str = 'http-01', challenge_map: dict[str, tuple[str, ChallengeHandler]] | None = None) -> CertBundle

Issue a certificate for the given domain(s).

poll_authorization ¶

poll_authorization(url: str, *, timeout: float | None = None) -> Authorization

Poll an authorization until it reaches a terminal state.

poll_order ¶

poll_order(url: str, *, timeout: float | None = None) -> Order

Poll an order until it reaches a terminal state.

respond_to_challenge ¶

respond_to_challenge(challenge: Challenge) -> Challenge

Signal readiness for challenge validation.

revoke ¶

revoke(cert_pem: bytes | str, *, reason: int | None = None) -> None

Revoke a certificate using the account key.

revoke_with_cert_key ¶

revoke_with_cert_key(cert_pem: bytes | str, cert_key: EllipticCurvePrivateKey, *, reason: int | None = None) -> None

Revoke a certificate using its own key pair.

rollover_key ¶

rollover_key(new_key: EllipticCurvePrivateKey | None = None) -> None

Roll over the account key.