CycloneACME
ACME Client Library

CycloneACME is a client implementation of ACME (Automatic Certificate Management Environment) dedicated to embedded applications. This solution can be used to automate the process of managing X.509 certificates (ordering, renewal, revocation) with a remote certification authority like Let's Encrypt. ACME allows deployement of public-key infrastructure on Internet-facing devices (HTTPS server for example) at very low cost.

ACME Protocol / Automatic Certificate Management Environement

Main Features

  • ACME v2 protocol implementation
  • Client mode of operation
  • ACME account management (creation, update, deactivation and key rollover)
  • Certificate management (ordering, renewal and revocation)
  • Supports RSA, ECDSA and EdDSA certificates
  • Supports standard ACME challenges (HTTP, DNS and TLS-ALPN)
  • ACME-DNS client provides a simple way to automate ACME DNS challenges
  • Compatible with ACME servers such as Let's Encrypt, Encryption Everywhere or Buypass Go SSL
  • Comprehensive user API
  • Flexible memory footprint. Built-time configuration to embed only the necessary features
  • Portable architecture (no processor dependencies)
  • The library is distributed as a full ANSI C and highly maintainable source code

Supported ACME Challenges

  • http-01 (HTTP-based challenge type)
  • dns-01 (DNS-based challenge type)
  • tls-alpn-01 (TLS-based challenge type)

Supported Signature Algorithms

  • RSA
  • ECDSA
  • Ed25519
  • Ed448
  • ARM7TDMI / ARM926EJ-S
  • ARM Cortex-M3
  • ARM Cortex-M4
  • ARM Cortex-M7
  • ARM Cortex-R4
  • ARM Cortex-A5
  • ARM Cortex-A8
  • ARM Cortex-A9
  • RISC-V
  • MIPS M4K
  • MIPS microAptiv
  • PowerPC e200
  • Coldfire V2
  • RX600
  • AVR32
  • Xtensa LX6
  • Amazon FreeRTOS
  • ChibiOS/RT
  • CMSIS-RTOS
  • CMSIS-RTOS2 (RTX v5 and FreeRTOS)
  • Keil RTX
  • Micrium µC/OS-II
  • Micrium µC/OS-III
  • Segger embOS
  • SYS/BIOS (TI-RTOS)
  • Bare Metal programming (without RTOS)
  • GNU GCC / Makefile
  • Atollic TrueSTUDIO
  • IAR Embedded Workbench
  • Keil MDK-ARM
  • Microsoft Visual Studio
  • Segger Embedded Studio
  • AC6 System Workbench for STM32 (SW4STM32)
  • Atmel Studio
  • Infineon DAVE
  • Microchip MPLAB X
  • NXP MCUXpresso
  • Renesas e2Studio
  • ST STM32CubeIDE
  • TI Code Composer Studio (CSS)
  • RFC 8555: Automatic Certificate Management Environment (ACME)
  • RFC 8737: ACME TLS Application-Layer Protocol Negotiation (ALPN) Challenge Extension
  • RFC 7515: JSON Web Signature (JWS)
  • RFC 7517: JSON Web Key (JWK)
  • RFC 7518: JSON Web Algorithms (JWA)
  • RFC 7638: JSON Web Key (JWK) Thumbprint