GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
TACD(8) FreeBSD System Manager's Manual TACD(8)

tacd
TLS-ALPN Challenge Daemon

tacd [-e|--acme-ext STRING] [--acme-ext-file FILE] [--crt-digest STRING] [--crt-signature-alg STRING] [-d|--domain STRING] [--domain-file STRING] [-f|--foreground] [-h|--help] [-l|--listen host:port] [--log-stderr] [--log-syslog] [--log-level LEVEL] [--pid-file FILE] [-V|--version]

tacd is a server that will listen to incoming Transport Layer Security (TLS) connections and, if the acme-tls/1 protocol has been declared during the Application-Layer Protocol Negotiation (ALPN), present a self-signed certificate in order to attempt to solve the TLS-ALPN-01 challenge. It then drops the connection.

In order to generate the self-signed certificate, it is required to specify both the domain name to validate and the acmeIdentifier extension. If one of those values is not specified using the available options, it is read from the standard input. When reading from the standard input, a new line character is expected at the end. In the case both values needs to be read from the standard input, the domain name is read first, then the acmeIdentifier extension.

The options are as follows:

--acme-ext STRING
The acmeIdentifier extension to set in the self-signed certificate.
FILE
File from which is read the acmeIdentifier extension to set in the self-signed certificate.
STRING
Set the certificate's digest algorithm. Possible values are:
  • sha256
  • sha384
  • sha512
STRING
Set the certificate's signature algorithm. Possible values depends on the cryptographic library support and can be listed using the --help flag.
--domain STRING
The domain that is being validated.
STRING
File from which is read the domain that is being validated.
--foreground
Runs in the foreground.
--help
Prints help information.
--listen host:port | unix:path
Specifies the host and port combination or the unix socket to listen on.
Prints log messages to the standard error output.
Sends log messages via syslog.
LEVEL
Specify the log level. Possible values: error, warn, info, debug and trace.
FILE
Specifies the location of the PID file.
--version
Prints version information.

acmed.toml(5)

R.B. Shoemaker, Automated Certificate Management Environment (ACME) TLS Application-Layer Protocol Negotiation (ALPN) Challenge Extension, RFC 8737, February 2020.

Rodolphe Bréard ⟨rodolphe@breard.tf⟩
June 13, 2021 FreeBSD 13.1-RELEASE
Search for    or go to Top of page |  Section 8 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.