btw, for anyone playing with this who wants to export their account key (accounts/acme-v01.api.letsencrypt.org/directory/*/private_key.json) from the original letsencrypt client, you can pipe it through this script (do "pkg_add p5-Crypt-OpenSSL-RSA p5-JSON" first).
Or you can just create a new one with -n. #!/usr/bin/perl # adapted from https://github.com/lukas2511/letsencrypt.sh/wiki/Import-from-official-letsencrypt-client use strict; use Crypt::OpenSSL::RSA; use Crypt::OpenSSL::Bignum; use JSON; use MIME::Base64; my $json_content = <STDIN>; $json_content =~ tr/-/+/; $json_content =~ tr/_/\//; my $json = decode_json($json_content); my $n = Crypt::OpenSSL::Bignum->new_from_bin(decode_base64($json->{n})); my $e = Crypt::OpenSSL::Bignum->new_from_bin(decode_base64($json->{e})); my $d = Crypt::OpenSSL::Bignum->new_from_bin(decode_base64($json->{d})); my $p = Crypt::OpenSSL::Bignum->new_from_bin(decode_base64($json->{p})); my $q = Crypt::OpenSSL::Bignum->new_from_bin(decode_base64($json->{q})); my $rsa = Crypt::OpenSSL::RSA->new_key_from_parameters($n, $e, $d, $p, $q); print($rsa->get_private_key_string());
