diff --git a/rpxy-acme/Cargo.toml b/rpxy-acme/Cargo.toml
index 4ceeaf37..57dd5145 100644
--- a/rpxy-acme/Cargo.toml
+++ b/rpxy-acme/Cargo.toml
@@ -15,3 +15,17 @@ url = { version = "2.5.2" }
rustc-hash = "2.0.0"
thiserror = "1.0.62"
tracing = "0.1.40"
+async-trait = "0.1.81"
+base64 = "0.22.1"
+aws-lc-rs = { version = "1.8.0", default-features = false, features = [
+ "aws-lc-sys",
+] }
+blocking = "1.6.1"
+rustls = { version = "0.23.11", default-features = false, features = [
+ "std",
+ "aws_lc_rs",
+] }
+rustls-platform-verifier = { version = "0.3.2" }
+rustls-acme = { path = "../../rustls-acme/", default-features = false, features = [
+ "aws-lc-rs",
+] }
diff --git a/rpxy-acme/src/constants.rs b/rpxy-acme/src/constants.rs
index edb657b9..7b544b0b 100644
--- a/rpxy-acme/src/constants.rs
+++ b/rpxy-acme/src/constants.rs
@@ -5,10 +5,4 @@ pub const ACME_DIR_URL: &str = "https://acme-v02.api.letsencrypt.org/directory";
pub const ACME_REGISTRY_PATH: &str = "./acme_registry";
/// ACME accounts directory, subdirectory of ACME_REGISTRY_PATH
-pub(crate) const ACME_ACCOUNT_SUBDIR: &str = "account";
-
-/// ACME private key file name
-pub const ACME_PRIVATE_KEY_FILE_NAME: &str = "private_key.pem";
-
-/// ACME certificate file name
-pub const ACME_CERTIFICATE_FILE_NAME: &str = "certificate.pem";
+pub(crate) const ACME_ACCOUNT_SUBDIR: &str = "accounts";
diff --git a/rpxy-acme/src/dir_cache.rs b/rpxy-acme/src/dir_cache.rs
new file mode 100644
index 00000000..2f613d8d
--- /dev/null
+++ b/rpxy-acme/src/dir_cache.rs
@@ -0,0 +1,107 @@
+use crate::constants::ACME_ACCOUNT_SUBDIR;
+use async_trait::async_trait;
+use aws_lc_rs as crypto;
+use base64::prelude::*;
+use blocking::unblock;
+use crypto::digest::{Context, SHA256};
+use rustls_acme::{AccountCache, CertCache};
+use std::{
+ io::ErrorKind,
+ path::{Path, PathBuf},
+};
+
+enum FileType {
+ Account,
+ Cert,
+}
+
+#[derive(Debug)]
+pub struct DirCache {
+ account_dir: PathBuf,
+ cert_dir: PathBuf,
+}
+
+impl DirCache {
+ pub fn new
(dir: P, server_name: impl AsRef) -> Self
+ where
+ P: AsRef,
+ {
+ Self {
+ account_dir: dir.as_ref().join(ACME_ACCOUNT_SUBDIR),
+ cert_dir: dir.as_ref().join(server_name),
+ }
+ }
+ async fn read_if_exist(&self, file: impl AsRef, file_type: FileType) -> Result