njs-acme open sourced

[f5yacobucci]

https://github.com/nginxinc/njs-acme is a project to do let's encrypt certificate management without external services (aka certbot for instance).

Having an inline mechanism like this could potentially open up support for the ALPN challenges (with some experimentation and work). ALPN based ACME challenges simplify the workflow in kubernetes environments (no additional resources, responding Pods, or Services).

Using njs-acme HTTP challenges might be an improvement (for certain users, as of right now it's just Let's Encrypt) over the additional management of CertManager and its CRDs even without support for ALPN.

A proof of concept with njs-acme could provide valuable feedback for the project flow, enable a simplified solution for customers, and open an as yet unsupportable but improved challenge option via ALPN.