In order to help understand the details of ACMESharp, it is important to first understand some basic concepts of the ACME protocol. ACME is used to support automated certificate request and issuance from a Certificate Authority. An ACME Client (such as ACMESharp) interacts with an ACME Server through a series of message exchanges. The typical, high-level flow is as follows:
In the ACME protocol flow described above there are many places where the steps can vary greatly in how processing can be handled, both within the ACME protocol itself as well as external integrations and dependencies. For example, the ACME protocol defines several mechanisms for validating that a Client is the owner of a DNS Identifier and allows for one or more of them to be used as prescribed by the Server. The protocol explicitly allows for mechanisms to evolve over time and for new mechanisms to be supported. Similarly, once a certificate is issued from Server to Client, the Client may wish to install that certificate into various different server applications or services.
To address the need to accommodate all these areas of variations, and allow for an open-ended system that can evolve along with the ACME protocol and future integrations, ACMESharp is built on a core extension mechanism that allows feature-specific Providers to handle these variations.
The Extension Provider Model follows this general pattern:
Within ACMESharp there are several areas of functionality that leverage the Extension Provider Model to offer points of extensibility:
For more info, please see the reference documentation for standard Extension Providers.