Struct Account

Source

pub struct Account { /* private fields */ }

Expand description

An ACME account as described in RFC 8555 (section 7.1.2)

Create an Account via Account::builder() or Account::builder_with_http(), then use AccountBuilder::create() to create a new account or restore one from serialized data by passing deserialized AccountCredentials to AccountBuilder::from_credentials().

The Account type is cheap to clone.

https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.2

Implementations§

Source §

impl Account

Source

pub fn builder() -> Result<AccountBuilder, Error>

Create an account builder with the default HTTP client

Source

pub fn builder_with_root( pem_path: impl AsRef<Path>, ) -> Result<AccountBuilder, Error>

Create an account builder with an HTTP client configured using a custom root CA

This is useful if your ACME server uses a testing PKI and not a certificate chain issued by a publicly trusted CA.

Source

pub fn builder_with_http(http: Box<dyn HttpClient>) -> AccountBuilder

Create an account builder with the given HTTP client

Source

pub async fn new_order(&self, order: &NewOrder<'_>) -> Result<Order, Error>

Create a new order based on the given NewOrder

Returns an Order instance. Use the Order::state() method to inspect its state.

Source

pub async fn order(&self, url: String) -> Result<Order, Error>

Fetch the order state for an existing order based on the given url

This might fail if the given URL’s order belongs to a different account.

Returns an Order instance. Use the Order::state method to inspect its state.

Source

pub async fn revoke<'a>( &'a self, payload: &RevocationRequest<'a>, ) -> Result<(), Error>

Revokes a previously issued certificate

Source

pub async fn renewal_info( &self, certificate_id: &CertificateIdentifier<'_>, ) -> Result<(RenewalInfo, Duration), Error>

Fetch RenewalInfo with a suggested window for renewing an identified certificate

Clients may use this information to determine when to renew a certificate. If the renewal window starts in the past, then renewal should be attempted immediately. Otherwise, a uniformly random point between the window start/end should be selected and used to schedule a renewal in the future.

The Duration is a hint from the ACME server when to again fetch the renewal window. See https://www.rfc-editor.org/rfc/rfc9773.html#section-4.3.2 for details.

This is only supported by some ACME servers. If the server does not support this feature, this method will return Error::Unsupported.

See https://www.rfc-editor.org/rfc/rfc9773.html#section-4.2-4 for more information.

Source

pub async fn update_key(&mut self) -> Result<AccountCredentials, Error>

Update the account’s authentication key

This is useful if you want to change the ACME account key of an existing account, e.g. to mitigate the risk of a key compromise. This method creates a new client key and changes the key associated with the existing account. self will be updated with the new key, and a fresh set of AccountCredentials will be returned to update stored credentials.

See https://datatracker.ietf.org/doc/html/rfc8555#section-7.3.5 for more information.

Source

pub async fn update_contacts<'a>( &self, contacts: &'a [&'a str], ) -> Result<(), Error>

Updates the account contacts

This is useful if you want to update the contact information of an existing account on the ACME server. The contacts argument replaces existing contacts on the server. By providing an empty array the contacts are removed from the server.

See https://datatracker.ietf.org/doc/html/rfc8555#section-7.3.2 for more information.

Source

pub async fn deactivate(self) -> Result<(), Error>

Deactivate the account with the ACME server

This is useful when you want to cancel an account with the ACME server because you don’t intend to use it further, or because the account key was compromised.

After this point no further operations can be performed with the account. Any existing orders or authorizations created with the ACME server will be invalidated.

Source