greenlock-challenge-manual.js/README.md

120 lines
2.8 KiB
Markdown
Raw Permalink Normal View History

2019-04-06 01:02:11 +00:00
| [Greenlock](https://git.coolaj86.com/coolaj86/greenlock.js) (library)
| [Greenlock CLI](https://git.coolaj86.com/coolaj86/greenlock-cli.js)
| [greenlock-express](https://git.coolaj86.com/coolaj86/greenlock-express.js)
| [greenlock-koa](https://git.coolaj86.com/coolaj86/greenlock-koa.js)
| [greenlock-hapi](https://git.coolaj86.com/coolaj86/greenlock-hapi.js)
2016-08-10 03:20:19 +00:00
|
le-challenge-manual
===================
2019-04-06 01:02:11 +00:00
A [Root](https://rootprojects.org) Project
2019-04-06 05:11:00 +00:00
A manual cli-based strategy for [Greenlock](https://git.coolaj86.com/coolaj86/greenlock-express.js) v2.7+ (and v3).
2016-08-10 03:20:19 +00:00
Prints the ACME challenge Token and Key and then waits for you to hit enter before continuing.
Install
-------
```bash
2019-04-06 05:11:00 +00:00
npm install --save le-challenge-manual@3.x
2016-08-10 03:20:19 +00:00
```
Usage
-----
```bash
2019-04-06 05:11:00 +00:00
var Greenlock = require('greenlock');
Greenlock.create({
...
, challenges: { 'http-01': require('le-challenge-manual')
, 'dns-01': require('le-challenge-manual')
, 'tls-alpn-01': require('le-challenge-manual')
}
...
2016-08-10 03:20:19 +00:00
});
```
2019-04-06 05:11:00 +00:00
Note: If you request a certificate with 6 domains listed,
2016-08-10 03:20:19 +00:00
it will require 6 individual challenges.
2019-04-06 05:11:00 +00:00
Exposed (Promise) Methods
2016-08-10 03:20:19 +00:00
---------------
For ACME Challenge:
2019-04-06 05:11:00 +00:00
* `set(opts)`
* `remove(opts)`
The options will look like this for normal domains:
```js
{ challenge: {
type: 'http-01'
, identifier: { type: 'dns', value: 'example.com' }
, wildcard: false
, expires: '2012-01-01T12:00:00.000Z'
, token: 'abc123'
, thumbprint: '<<account key thumbprint>>'
, keyAuthorization: 'abc123.xxxx'
, dnsHost: '_acme-challenge.example.com'
, dnsAuthorization: 'yyyy'
, altname: 'example.com'
}
}
```
And they'll look like this for wildcard domains:
```js
{ challenge: {
type: 'http-01'
, identifier: { type: 'dns', value: 'example.com' }
, wildcard: true
, expires: '2012-01-01T12:00:00.000Z'
, token: 'abc123'
, thumbprint: '<<account key thumbprint>>'
, keyAuthorization: 'abc123.xxxx'
, dnsHost: '_acme-challenge.example.com'
, dnsAuthorization: 'yyyy'
, altname: '*.example.com'
}
}
```
The only difference is that `altname` will have the `*.` prefix (which you would expect
but, of course, can't work as a specific a DNS record) and the `wildcard` property is `true`.
Optional
* `get(limitedOpts)`
2016-08-10 03:20:19 +00:00
2019-04-06 05:11:00 +00:00
Because the get method is apart from the main flow (such as a DNS query),
it's not always implemented and the options are much more limited in scope:
2016-08-10 03:20:19 +00:00
2019-04-06 05:11:00 +00:00
```js
{ challenge: {
type: 'http-01'
, identifier: { type: 'dns', value: 'example.com' }
, wildcard: false
, token: 'abc123'
, altname: 'example.com'
}
}
```
If there were an implementation of Greenlock integrated directly into
a NameServer (which currently there is not), it would probably look like this:
```js
{ challenge: {
type: 'dns-01'
, identifier: { type: 'dns', value: 'example.com' }
, token: 'abc123'
, dnsHost: '_acme-challenge.example.com'
}
}
```