Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
TACD(8)			    System Manager's Manual		       TACD(8)

NAME
       tacd -- TLS-ALPN	Challenge Daemon

SYNOPSIS
       tacd	  [-e|--acme-ext      STRING]	   [--acme-ext-file	 FILE]
	    [--crt-digest      STRING]	    [--crt-signature-alg       STRING]
	    [-d|--domain   STRING]  [--domain-file  STRING]  [-f|--foreground]
	    [-h|--help]	[-l|--listen host:port]	[--log-stderr]	[--log-syslog]
	    [--log-level     LEVEL]    [--no-pid-file]	  [--pid-file	 FILE]
	    [-V|--version]

DESCRIPTION
       tacd is a server	that will listen to incoming Transport Layer  Security
       (TLS)  connections  and,	 if  the acme-tls/1 protocol has been declared
       during the Application-Layer Protocol  Negotiation  (ALPN),  present  a
       self-signed  certificate	 in  order to attempt to solve the TLS-ALPN-01
       challenge. It then drops	the connection.

       In order	to generate the	self-signed certificate,  it  is  required  to
       specify	both  the  domain  name	 to  validate  and  the	acmeIdentifier
       extension.  If one of those values is not specified using the available
       options,	it is read from	the standard  input.  When  reading  from  the
       standard	 input,	 a  new	 line character	is expected at the end.	In the
       case both values	needs to be read from the standard input,  the	domain
       name is read first, then	the acmeIdentifier extension.

       The options are as follows:

       -e, --acme-ext STRING
	       The acmeIdentifier extension to set in the self-signed certifi-
	       cate.

       --acme-ext-file FILE
	       File  from which	is read	the acmeIdentifier extension to	set in
	       the self-signed certificate.

       --crt-digest STRING
	       Set the certificate's digest algorithm. Possible	values are:
	       -   sha256
	       -   sha384
	       -   sha512

       --crt-signature-alg STRING
	       Set the certificate's signature algorithm. Possible values  de-
	       pends  on  the  cryptographic library support and can be	listed
	       using the --help	flag.

       -d, --domain STRING
	       The domain that is being	validated.

       --domain-file STRING
	       File from which is read the domain that is being	validated.

       -f, --foreground
	       Runs in the foreground.

       -h, --help
	       Prints help information.

       -i, --listen host:port |	unix:path
	       Specifies the host and port combination or the unix  socket  to
	       listen on.

       --log-stderr
	       Prints log messages to the standard error output.

       --log-syslog
	       Sends log messages via syslog.

       --log-level LEVEL
	       Specify	the log	level. Possible	values:	error, warn, info, de-
	       bug and trace.

       --no-pid-file
	       Do not create any PID file

       --pid-file FILE
	       Specifies the location of the PID file.

       -V, --version
	       Prints version information.

SEE ALSO
       acmed.toml(5)

STANDARDS
       R.B. Shoemaker, Automated Certificate Management	Environment (ACME) TLS
       Application-Layer Protocol Negotiation (ALPN) Challenge Extension,  RFC
       8737, February 2020.

AUTHORS
       Rodolphe	Brard <rodolphe@breard.tf>

FreeBSD	Ports 14.quarterly	 Dec 19, 2022			       TACD(8)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=tacd&sektion=8&manpath=FreeBSD+Ports+14.3.quarterly>

home | help