coolaj86
/
acme-http-01-cli.js
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
ACME http-01 challenge reference implementation for Greenlock v2.7+ (and v3)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
3 Tags
124 KiB
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
AJ ONeal 19ae7f120c
v3.0.2 		5 years ago
.gitignore v3.0.0: http-01 challenge strategy reference implementation 5 years ago
LICENSE v3.0.0: http-01 challenge strategy reference implementation 5 years ago
README.md v3.0.2 5 years ago
index.js v3.0.1: ACME http-01 challenge reference implementation for Greenlock v2.7+ (and v3) 5 years ago
package-lock.json v3.0.1: ACME http-01 challenge reference implementation for Greenlock v2.7+ (and v3) 5 years ago
package.json v3.0.2 5 years ago
test.js v3.0.1: ACME http-01 challenge reference implementation for Greenlock v2.7+ (and v3) 5 years ago

README.md

acme-http-01-cli | a Root project

An extremely simple reference implementation of an ACME (Let's Encrypt) http-01 challenge strategy.

This generic implementation can be adapted to work with any node.js ACME client, although it was built for Greenlock and ACME.js.

GET http://example.com/.well-known/acme-challenge/xxxxxxxxxxxxxxxx
  • Prints the ACME challenge URL and Key Authorization to the terminal
    • (waits for you to hit enter before continuing)
  • Asks you to enter (or upload) the Key Authorization challenge response.
  • Let's you know when the challenge as succeeded or failed, and is safe to remove.

Other ACME Challenge Reference Implementations:

Install

npm install --save acme-http-01-cli@3.x

Usage

var Greenlock = require('greenlock');

Greenlock.create({
  ...
, challenges: { 'http-01': require('acme-http-01-cli').create({ debug: true })
              , 'dns-01': require('acme-dns-01-cli')
              , 'tls-alpn-01': require('acme-tls-alpn-01-cli')
              }
  ...
});

Note: If you request a certificate with 6 domains listed, it will require 6 individual challenges.

Exposed (Promise) Methods

For ACME Challenge:

  • set(opts)
  • remove(opts)

The http-01 strategy does not support wildcard domains (whereas dns-01 does). The options will look like this (which you can see when debug: true is set):

{ challenge: {
    type: 'http-01'
  , identifier: { type: 'dns', value: 'example.com' }
  , wildcard: false
  , expires: '2012-01-01T12:00:00.000Z'
  , token: 'abc123'
  , thumbprint: '<<account key thumbprint>>'
  , keyAuthorization: 'abc123.xxxx'
  , dnsHost: '_acme-challenge.example.com'
  , dnsAuthorization: 'yyyy'
  , altname: 'example.com'
  }
}

Optional:

  • get(limitedOpts)

Because the get method is apart from the main flow (such as a DNS query), it's not always implemented and the options are much more limited in scope:

{ challenge: {
    type: 'http-01'
  , identifier: { type: 'dns', value: 'example.com' }
  , wildcard: false
  , token: 'abc123'
  , altname: 'example.com'
  }
}

Legal & Rules of the Road

Greenlock™ and Bluecrypt™ are trademarks of AJ ONeal

The rule of thumb is "attribute, but don't confuse". For example:

Built with Greenlock (a Root project).

Please contact us if you have any questions in regards to our trademark, attribution, and/or visible source policies. We want to build great software and a great community.

Greenlock™ | MPL-2.0 | Terms of Use | Privacy Policy