Lightweight library for getting Free SSL certifications through Let's Encrypt v2, using ACME (RFC 8555)
Go to file
AJ ONeal a38d751cfa use supplied directoryUrl 2018-03-21 01:33:54 -06:00
README.md not hard-coded, almost backwards compatible 2018-03-21 01:26:23 -06:00
genkeypair.js successful test! yay! 2018-03-20 01:24:36 -06:00
node.js use supplied directoryUrl 2018-03-21 01:33:54 -06:00
package.json not hard-coded, almost backwards compatible 2018-03-21 01:26:23 -06:00
test.js use supplied directoryUrl 2018-03-21 01:33:54 -06:00

README.md

acme-v2.js

A framework for building letsencrypt clients (and other ACME v2 clients), forked from le-acme-core.js.

Summary of spec that I'm working off of here: coolaj86/greenlock.js#5 (comment)

In progress

  • Mar 15, 2018 - get directory
  • Mar 15, 2018 - get nonce
  • Mar 15, 2018 - generate account keypair
  • Mar 15, 2018 - create account
  • Mar 16, 2018 - new order
  • Mar 16, 2018 - get challenges
  • Mar 20, 2018 - respond to challenges
  • Mar 20, 2018 - generate domain keypair
  • Mar 20, 2018 - finalize order (submit csr)
  • Mar 20, 2018 - poll for status
  • Mar 20, 2018 - download certificate
  • Mar 20, 2018 - SUCCESS - got a test certificate (hard-coded)
  • Mar 21, 2018 - can now accept values (not hard coded)
  • Mar 21, 2018 - mostly matches le-acme-core.js API

Todo

  • completely match api for acme v1 (le-acme-core.js)
  • test http and dns challenges
  • export http and dns challenge tests
  • support ECDSA keys

API

var ACME = require('acme-v2.js').ACME.create({
  RSA: require('rsa-compat').RSA
});
// Accounts
ACME.registerNewAccount(options, cb)        // returns "regr" registration data

    { email: '<email>'                        //    valid email (server checks MX records)
    , accountKeypair: {                       //    privateKeyPem or privateKeyJwt
        privateKeyPem: '<ASCII PEM>'
      }
    , agreeToTerms: fn (tosUrl, cb) {}        //    must specify agree=tosUrl to continue (or falsey to end)
    }

// Registration
ACME.getCertificate(options, cb)            // returns (err, pems={ privkey (key), cert, chain (ca) })

    { newAuthzUrl: '<url>'                    //    specify acmeUrls.newAuthz
    , newCertUrl: '<url>'                     //    specify acmeUrls.newCert

    , domainKeypair: {
        privateKeyPem: '<ASCII PEM>'
      }
    , accountKeypair: {
        privateKeyPem: '<ASCII PEM>'
      }
    , domains: [ 'example.com' ]

    , setChallenge: fn (hostname, key, val, cb)
    , removeChallenge: fn (hostname, key, cb)
    }

// Discovery URLs
ACME.getAcmeUrls(acmeDiscoveryUrl, cb)      // returns (err, acmeUrls={newReg,newAuthz,newCert,revokeCert})

Helpers & Stuff

// Constants
ACME.productionServerUrl                // https://acme-v02.api.letsencrypt.org/directory
ACME.stagingServerUrl                   // https://acme-staging-v02.api.letsencrypt.org/directory
ACME.acmeChallengePrefix                // /.well-known/acme-challenge/