How To Install lacme-accountd on Debian 10
Introduction
In this tutorial we learn how to install lacme-accountd on Debian 10.
What is lacme-accountd
lacme-accountd is:
lacme is an ACME client written with process isolation and minimal privileges in mind. It is divided into four components, each with its own executable:
A process to manage the account key and issue SHA-256 signatures needed for each ACME command. (This process binds to a UNIX-domain socket to reply to signature requests from the ACME client.) One can use the UNIX-domain socket forwarding facility of OpenSSH 6.7 and later to run this process on a different host.
A “master” process, which runs as root and is the only component with access to the private key material of the server keys. It is used to fork the ACME client (and optionally the ACME webserver) after dropping root privileges. For certificate issuances, it also generates Certificate Signing Requests, then verifies the validity of the issued certificate, and optionally reloads or restarts services.
An actual ACME client, which builds ACME commands and dialogues with the remote ACME server. Since ACME commands need to be signed with the account key, the “master” process passes the UNIX-domain socket of the account key manager to the ACME client: data signatures are requested by writing the data to be signed to the socket.
For certificate issuances, an optional webserver, which is spawned by the “master” process when no service is listening on the HTTP port. (The only challenge type currently supported is “http-01”, which requires a webserver to answer challenges.) That webserver only processes GET and HEAD requests under the “/.well-known/acme-challenge/” URI. By default some iptables(8) rules are automatically installed to open the HTTP port, and removed afterwards.
lacme-accountd is the first (account key manager) component. It is the only component with access to the account key.
There are three methods to install lacme-accountd on Debian 10. We can use apt-get, apt and aptitude. In the following sections we will describe each method. You can choose one of them.
Install lacme-accountd Using apt-get
Update apt database with apt-get using the following command.
sudo apt-get update
After updating apt database, We can install lacme-accountd using apt-get by running the following command:
sudo apt-get -y install lacme-accountd
Install lacme-accountd Using apt
Update apt database with apt using the following command.
sudo apt update
After updating apt database, We can install lacme-accountd using apt by running the following command:
sudo apt -y install lacme-accountd
Install lacme-accountd Using aptitude
If you want to follow this method, you might need to install aptitude first since aptitude is usually not installed by default on Debian. Update apt database with aptitude using the following command.
sudo aptitude update
After updating apt database, We can install lacme-accountd using aptitude by running the following command:
sudo aptitude -y install lacme-accountd
How To Uninstall lacme-accountd on Debian 10
To uninstall only the lacme-accountd package we can use the following command:
sudo apt-get remove lacme-accountd
Uninstall lacme-accountd And Its Dependencies
To uninstall lacme-accountd and its dependencies that are no longer needed by Debian 10, we can use the command below:
sudo apt-get -y autoremove lacme-accountd
Remove lacme-accountd Configurations and Data
To remove lacme-accountd configuration and data from Debian 10 we can use the following command:
sudo apt-get -y purge lacme-accountd
Remove lacme-accountd configuration, data, and all of its dependencies
We can use the following command to remove lacme-accountd configurations, data and all of its dependencies, we can use the following command:
sudo apt-get -y autoremove --purge lacme-accountd
Dependencies
lacme-accountd have the following dependencies:
References
Summary
In this tutorial we learn how to install lacme-accountd package on Debian 10 using different package management tools: apt, apt-get and aptitude.