coolaj86
/
acme.js
mirror of https://github.com/therootcompany/acme.js
1
0
Fork 0
Code Issues 1 Projects Releases Wiki Activity
Lightweight library for getting Free SSL certifications through Let's Encrypt v2, using ACME (RFC 8555)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
9 Branches
46 Tags
503 KiB
 
Tree: 0c2f6a3aef
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '0c2f6a3aef'
${ noResults }
AJ ONeal 0c2f6a3aef
add homepage 		6 years ago
README.md note sponsorship 6 years ago
genkeypair.js successful test! yay! 6 years ago
node.js use supplied directoryUrl 6 years ago
package.json add homepage 6 years ago
test.js use supplied directoryUrl 6 years ago

README.md

acme-v2.js

| Sponsored by ppl

A framework for building letsencrypt clients (and other ACME v2 clients), forked from le-acme-core.js.

Summary of spec that I'm working off of here: https://git.coolaj86.com/coolaj86/greenlock.js/issues/5#issuecomment-8

In progress

  • Mar 15, 2018 - get directory
  • Mar 15, 2018 - get nonce
  • Mar 15, 2018 - generate account keypair
  • Mar 15, 2018 - create account
  • Mar 16, 2018 - new order
  • Mar 16, 2018 - get challenges
  • Mar 20, 2018 - respond to challenges
  • Mar 20, 2018 - generate domain keypair
  • Mar 20, 2018 - finalize order (submit csr)
  • Mar 20, 2018 - poll for status
  • Mar 20, 2018 - download certificate
  • Mar 20, 2018 - SUCCESS - got a test certificate (hard-coded)
  • Mar 21, 2018 - can now accept values (not hard coded)
  • Mar 21, 2018 - mostly matches le-acme-core.js API

Todo

  • completely match api for acme v1 (le-acme-core.js)
  • test http and dns challenges
  • export http and dns challenge tests
  • support ECDSA keys

API

var ACME = require('acme-v2.js').ACME.create({
  RSA: require('rsa-compat').RSA
});

// Accounts
ACME.registerNewAccount(options, cb)        // returns "regr" registration data

    { email: '<email>'                        //    valid email (server checks MX records)
    , accountKeypair: {                       //    privateKeyPem or privateKeyJwt
        privateKeyPem: '<ASCII PEM>'
      }
    , agreeToTerms: fn (tosUrl, cb) {}        //    must specify agree=tosUrl to continue (or falsey to end)
    }

// Registration
ACME.getCertificate(options, cb)            // returns (err, pems={ privkey (key), cert, chain (ca) })

    { newAuthzUrl: '<url>'                    //    specify acmeUrls.newAuthz
    , newCertUrl: '<url>'                     //    specify acmeUrls.newCert

    , domainKeypair: {
        privateKeyPem: '<ASCII PEM>'
      }
    , accountKeypair: {
        privateKeyPem: '<ASCII PEM>'
      }
    , domains: [ 'example.com' ]

    , setChallenge: fn (hostname, key, val, cb)
    , removeChallenge: fn (hostname, key, cb)
    }

// Discovery URLs
ACME.getAcmeUrls(acmeDiscoveryUrl, cb)      // returns (err, acmeUrls={newReg,newAuthz,newCert,revokeCert})

Helpers & Stuff

// Constants
ACME.productionServerUrl                // https://acme-v02.api.letsencrypt.org/directory
ACME.stagingServerUrl                   // https://acme-staging-v02.api.letsencrypt.org/directory
ACME.acmeChallengePrefix                // /.well-known/acme-challenge/