ACME dns-01 challenge reference implementation for Greenlock v2.7+ (and v3).

Go to file

AJ ONeal 8ed6e3cdcc restore latest from npm		2018-05-01 14:14:15 -06:00
.gitignore	initial commit	2016-10-14 13:39:54 -06:00
LICENSE	initial commit	2016-10-14 13:39:54 -06:00
README.md	restore latest from npm	2018-05-01 14:14:15 -06:00
index.js	restore latest from npm	2018-05-01 14:14:15 -06:00
package.json	restore latest from npm	2018-05-01 14:14:15 -06:00
test.js	pass in keyAuth	2016-10-17 15:44:49 -06:00

README.md

le-challenge-dns

For production use le-challenge-ddns (or a similar ddns tool)

A manual (interactive CLI) dns-based strategy for node-letsencrypt for setting, retrieving, and clearing ACME DNS-01 challenges issued by the ACME server

Prints out a subdomain record for _acme-challenge with keyAuthDigest to be tested by the ACME server.

You can then update your DNS manually by whichever method you use and then press [enter] to continue the process.

_acme-challenge.example.com   TXT   xxxxxxxxxxxxxxxx    TTL 60

Install

npm install --save le-challenge-dns@2.x

Usage

var leChallengeDns = require('le-challenge-dns').create({
  debug: false
});

var LE = require('letsencrypt');

LE.create({
  server: LE.stagingServerUrl                               // Change to LE.productionServerUrl in production
, challengeType: 'dns-01'
, challenges: {
    'dns-01': leChallengeDns
  }
, approveDomains: [ 'example.com' ]
});

NOTE: If you request a certificate with 6 domains listed, it will require 6 individual challenges.

Exposed Methods

For ACME Challenge:

set(opts, domain, challange, keyAuthorization, done)
get(defaults, domain, challenge, done)
remove(defaults, domain, challenge, done)

Note: get() is a no-op for dns-01.

For node-letsencrypt internals:

getOptions() returns the internal defaults merged with the user-supplied options
loopback(defaults, domain, challange, done) performs a dns lookup of the txt record
test(opts, domain, challange, keyAuthorization, done) runs set, loopback, remove, loopback