working even better

AJ ONeal 2018-04-11 07:22:42 +00:00
parent 3a6269aafa
commit da8b49d46b
3 changed files with 44 additions and 5 deletions


@ -29,11 +29,12 @@ In progress
* Apr 5, 2018 - test subdomains and its wildcard * Apr 5, 2018 - test subdomains and its wildcard
* Apr 5, 2018 - test http and dns challenges (success and failure) * Apr 5, 2018 - test http and dns challenges (success and failure)
* Apr 5, 2018 - export http and dns challenge tests * Apr 5, 2018 - export http and dns challenge tests
* Apr 10, 2018 - tested backwards-compatibility using greenlock.js
Todo Todo
* Apr 5, 2018 - appears that sometimes 'pending' status cannot be progressed to 'processing' nor 'deactivated'
* support ECDSA keys * support ECDSA keys
* Apr 5, 2018 - appears that sometimes 'pending' status cannot be progressed to 'processing' nor 'deactivated'
## Let's Encrypt Directory URLs ## Let's Encrypt Directory URLs


@ -24,11 +24,30 @@ function create(deps) {
acme2.accounts.create(options).then(resolveFn(cb), rejectFn(cb)); acme2.accounts.create(options).then(resolveFn(cb), rejectFn(cb));
}; };
acme2.getCertificate = function (options, cb) { acme2.getCertificate = function (options, cb) {
acme2.certificates.create(options).then(resolveFn(cb), rejectFn(cb)); options.agreeToTerms = options.agreeToTerms || function (tos) {
return Promise.resolve(tos);
};
acme2.certificates.create(options).then(function (chainPem) {
var privkeyPem = acme2.RSA.exportPrivatePem(options.domainKeypair);
resolveFn(cb)({
cert: chainPem.split(/[\r\n]{2,}/g)[0] + '\r\n'
, privkey: privkeyPem
, chain: chainPem.split(/[\r\n]{2,}/g)[1] + '\r\n'
});
}, rejectFn(cb));
}; };
acme2.getAcmeUrls = function (options, cb) { acme2.getAcmeUrls = function (options, cb) {
acme2.init(options).then(resolveFn(cb), rejectFn(cb)); acme2.init(options).then(resolveFn(cb), rejectFn(cb));
}; };
acme2.getOptions = function () {
var defs = {};
Object.keys(module.exports.defaults).forEach(function (key) {
defs[key] = defs[deps] || module.exports.defaults[key];
});
return defs;
};
acme2.stagingServerUrl = module.exports.defaults.stagingServerUrl; acme2.stagingServerUrl = module.exports.defaults.stagingServerUrl;
acme2.productionServerUrl = module.exports.defaults.productionServerUrl; acme2.productionServerUrl = module.exports.defaults.productionServerUrl;
return acme2; return acme2;
@ -41,8 +60,9 @@ module.exports.defaults = {
, knownEndpoints: [ 'keyChange', 'meta', 'newAccount', 'newNonce', 'newOrder', 'revokeCert' ] , knownEndpoints: [ 'keyChange', 'meta', 'newAccount', 'newNonce', 'newOrder', 'revokeCert' ]
, challengeTypes: [ 'http-01', 'dns-01' ] , challengeTypes: [ 'http-01', 'dns-01' ]
, challengeType: 'http-01' , challengeType: 'http-01'
, keyType: 'rsa' // ecdsa //, keyType: 'rsa' // ecdsa
, keySize: 2048 // 256 //, keySize: 2048 // 256
, rsaKeySize: 2048 // 256
}; };
Object.keys(module.exports.defaults).forEach(function (key) { Object.keys(module.exports.defaults).forEach(function (key) {
module.exports.ACME[key] = module.exports.defaults[key]; module.exports.ACME[key] = module.exports.defaults[key];
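Review bot: In the new `acme2.getOptions`, `defs[deps]` indexes the still-empty result object with the `deps` argument, so the lookup is always undefined and every key silently falls back to the module default; the intended line is probably `defs[key] = deps[key] || module.exports.defaults[key];`, with a guard if `deps` may be omitted (`create(deps)` begins outside this hunk). In `getCertificate`, `chainPem.split(/[\r\n]{2,}/g)` also matches a single CRLF line ending, and `[1]` is undefined when only one PEM block comes back, which yields the literal string `undefined\r\n` as `chain`. Matching whole blocks, e.g. `var certs = chainPem.match(/-----BEGIN CERTIFICATE-----[\s\S]+?-----END CERTIFICATE-----/g) || [];`, and rejecting when `certs` is empty would avoid handing a truncated or bogus chain to the caller. The default `options.agreeToTerms` accepts whatever terms the server presents and is written onto the caller's own `options` object, which deserves a comment such as `// compat shim: terms of service are accepted automatically when the caller supplies no agreeToTerms`.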

20
node.js

@ -452,6 +452,17 @@ ACME._getCertificate = function (me, options) {
options.challengeTypes = [ options.challengeType ]; options.challengeTypes = [ options.challengeType ];
} }
if (!me._kid) {
if (options.accountKid) {
me._kid = options.accountKid;
} else {
//return Promise.reject(new Error("must include KeyID"));
return ACME._registerAccount(me, options).then(function () {
return ACME._getCertificate(me, options);
});
}
}
if (me.debug) { console.log('[acme-v2] certificates.create'); } if (me.debug) { console.log('[acme-v2] certificates.create'); }
return ACME._getNonce(me).then(function () { return ACME._getNonce(me).then(function () {
var body = { var body = {
@ -491,7 +502,9 @@ ACME._getCertificate = function (me, options) {
//console.log('[DEBUG] finalize:', me._finalize); return; //console.log('[DEBUG] finalize:', me._finalize); return;
if (!me._authorizations) { if (!me._authorizations) {
console.error("[acme-v2.js] authorizations were not fetched"); console.error("[acme-v2.js] authorizations were not fetched:");
console.error(resp.body);
return Promise.reject(new Error("authorizations were not fetched"));
} }
if (me.debug) { console.log("47 &#&#&#&#&#&#&&##&#&#&#&#&#&#&#&"); } if (me.debug) { console.log("47 &#&#&#&#&#&#&&##&#&#&#&#&#&#&#&"); }
@ -534,7 +547,10 @@ ACME._getCertificate = function (me, options) {
return ACME._finalizeOrder(me, options, validatedDomains); return ACME._finalizeOrder(me, options, validatedDomains);
}).then(function () { }).then(function () {
console.log('acme-v2: order was finalized');
return me._request({ method: 'GET', url: me._certificate, json: true }).then(function (resp) { return me._request({ method: 'GET', url: me._certificate, json: true }).then(function (resp) {
console.log('acme-v2: csr submitted and cert received:');
console.log(resp.body);
return resp.body; return resp.body;
}); });
}); });
@ -544,6 +560,8 @@ ACME._getCertificate = function (me, options) {
ACME.create = function create(me) { ACME.create = function create(me) {
if (!me) { me = {}; } if (!me) { me = {}; }
//
me.debug = true;
me.acmeChallengePrefix = ACME.acmeChallengePrefix; me.acmeChallengePrefix = ACME.acmeChallengePrefix;
me.acmeChallengeDnsPrefix = ACME.acmeChallengeDnsPrefix; me.acmeChallengeDnsPrefix = ACME.acmeChallengeDnsPrefix;
me.acmeChallengePrefixes = ACME.acmeChallengePrefixes; me.acmeChallengePrefixes = ACME.acmeChallengePrefixes;
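Review bot: `me.debug = true;` in `ACME.create` turns debug output on for every consumer and overwrites whatever the caller passed, which looks like a development leftover; drop the line or normalise it with `me.debug = !!me.debug;`. The added `console.log('acme-v2: order was finalized')` and `console.log(resp.body)` around the certificate GET are unconditional too, so a library user gets the full response body on stdout for each issuance; wrapping them in `if (me.debug) { ... }` would match the surrounding code. In the first hunk, the retry `return ACME._getCertificate(me, options);` after `ACME._registerAccount` has no stop condition: if registration resolves without setting `me._kid` (its body is not visible here), the function would presumably keep re-registering against the CA. A check inside that callback such as `if (!me._kid) { return Promise.reject(new Error("account registration did not return a KeyID")); }` bounds it. `ACME._getCertificate` starts and ends outside these hunks.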