coolaj86
/
acme.js
mirror of https://github.com/therootcompany/acme.js
1
0
Fork 0
Code Issues 1 Projects Releases Wiki Activity
Lightweight library for getting Free SSL certifications through Let's Encrypt v2, using ACME (RFC 8555)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
10 Commits
9 Branches
46 Tags
503 KiB
 
Tree: b12a1a7ea4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b12a1a7ea4'
${ noResults }
AJ ONeal b12a1a7ea4
yay for backwards compat tested and working 		6 years ago
README.md yay for backwards compat tested and working 6 years ago
compat.js yay for backwards compat tested and working 6 years ago
genkeypair.js successful test! yay! 6 years ago
node.js yay for backwards compat tested and working 6 years ago
package.json add keywords 6 years ago
test.cb.js yay for backwards compat tested and working 6 years ago
test.compat.js yay for backwards compat tested and working 6 years ago
test.js yay for backwards compat tested and working 6 years ago
test.promise.js yay for backwards compat tested and working 6 years ago

README.md

acme-v2.js

| Sponsored by ppl

A framework for building letsencrypt clients (and other ACME v2 clients), forked from le-acme-core.js.

Summary of spec that I'm working off of here: https://git.coolaj86.com/coolaj86/greenlock.js/issues/5#issuecomment-8

In progress

  • Mar 15, 2018 - get directory
  • Mar 15, 2018 - get nonce
  • Mar 15, 2018 - generate account keypair
  • Mar 15, 2018 - create account
  • Mar 16, 2018 - new order
  • Mar 16, 2018 - get challenges
  • Mar 20, 2018 - respond to challenges
  • Mar 20, 2018 - generate domain keypair
  • Mar 20, 2018 - finalize order (submit csr)
  • Mar 20, 2018 - poll for status
  • Mar 20, 2018 - download certificate
  • Mar 20, 2018 - SUCCESS - got a test certificate (hard-coded)
  • Mar 21, 2018 - can now accept values (not hard coded)
  • Mar 21, 2018 - mostly matches le-acme-core.js API

Todo

  • completely match api for acme v1 (le-acme-core.js)
  • test http and dns challenges
  • export http and dns challenge tests
  • support ECDSA keys

Let's Encrypt Directory URLs

# Production URL
https://acme-v02.api.letsencrypt.org/directory

# Staging URL
https://acme-staging-v02.api.letsencrypt.org/directory

API

var ACME = require('acme-v2').ACME.create({
  RSA: require('rsa-compat').RSA

  // other overrides
, request: require('request')
, promisify: require('util').promisify

  // used for constructing user-agent
, os: require('os')
, process: require('process')

  // used for overriding the default user-agent
, userAgent: 'My custom UA String'
, getUserAgentString: function (deps) { return 'My custom UA String'; }
});

// Accounts
ACME.accounts.create(options)                 // returns Promise<regr> registration data

    { email: '<email>'                        //    valid email (server checks MX records)
    , accountKeypair: {                       //    privateKeyPem or privateKeyJwt
        privateKeyPem: '<ASCII PEM>'
      }
    , agreeToTerms: fn (tosUrl) {}            //    returns Promise with tosUrl
    }


// Registration
ACME.certificates.create(options)             // returns Promise<pems={ privkey (key), cert, chain (ca) }>

    { newAuthzUrl: '<url>'                    //    specify acmeUrls.newAuthz
    , newCertUrl: '<url>'                     //    specify acmeUrls.newCert

    , domainKeypair: {
        privateKeyPem: '<ASCII PEM>'
      }
    , accountKeypair: {
        privateKeyPem: '<ASCII PEM>'
      }
    , domains: [ 'example.com' ]

    , setChallenge: fn (hostname, key, val)   // return Promise
    , removeChallenge: fn (hostname, key)     // return Promise
    }


// Discovery URLs
ACME.init(acmeDirectoryUrl)                   // returns Promise<acmeUrls={keyChange,meta,newAccount,newNonce,newOrder,revokeCert}>

Helpers & Stuff

// Constants
ACME.acmeChallengePrefix                // /.well-known/acme-challenge/