support tls-sni-01 challenge
Previously the http-01 challenge was simply served over SSL.
This commit is contained in:
Ben Schmidt
parent
7d3702aa81
commit
0e7c748fb1
29
index.js
29
index.js
|
|
@ -15,6 +15,7 @@ module.exports.run = function (args) {
|
|||
args.standalone = USE_DNS;
|
||||
} else if (args.tlsSni01Port) {
|
||||
challengeType = 'tls-sni-01';
|
||||
args.webrootPath = '';
|
||||
} else /*if (args.http01Port)*/ {
|
||||
challengeType = 'http-01';
|
||||
}
|
||||
|
|
@ -27,12 +28,13 @@ module.exports.run = function (args) {
|
|||
// TODO rename le-challenge-fs to le-challenge-webroot
|
||||
leChallenge = require('./lib/webroot').create({ webrootPath: args.webrootPath });
|
||||
}
|
||||
else if (args.tlsSni01Port) {
|
||||
leChallenge = require('le-challenge-sni').create({});
|
||||
servers = require('./lib/servers').create(leChallenge);
|
||||
}
|
||||
else if (USE_DNS !== args.standalone) {
|
||||
leChallenge = require('le-challenge-standalone').create({});
|
||||
servers = require('./lib/servers').create(leChallenge).startServers(
|
||||
args.http01Port || [80], args.tlsSni01Port || [443, 5001]
|
||||
, { debug: args.debug }
|
||||
);
|
||||
servers = require('./lib/servers').create(leChallenge);
|
||||
}
|
||||
|
||||
leStore = require('le-store-certbot').create({
|
||||
|
|
@ -51,14 +53,31 @@ module.exports.run = function (args) {
|
|||
}
|
||||
|
||||
// let LE know that we're handling standalone / webroot here
|
||||
var leChallenges = {};
|
||||
leChallenges[challengeType] = leChallenge;
|
||||
var le = LE.create({
|
||||
debug: args.debug
|
||||
, server: args.server
|
||||
, store: leStore
|
||||
, challenges: { 'http-01': leChallenge, 'tls-sni-01': leChallenge }
|
||||
, challenges: leChallenges
|
||||
, duplicate: args.duplicate
|
||||
});
|
||||
|
||||
if (servers) {
|
||||
if (args.tlsSni01Port) {
|
||||
servers = servers.startServers(
|
||||
[], args.tlsSni01Port
|
||||
, { debug: args.debug, httpsOptions: le.httpsOptions }
|
||||
);
|
||||
}
|
||||
else {
|
||||
servers = servers.startServers(
|
||||
args.http01Port || [80], []
|
||||
, { debug: args.debug }
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
// Note: can't use args directly as null values will overwrite template values
|
||||
le.register({
|
||||
domains: args.domains
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ module.exports.create = function (challenge) {
|
|||
, startServers: function (plainPorts, tlsPorts, opts) {
|
||||
opts = opts || {};
|
||||
|
||||
var httpsOptions = require('localhost.daplie.com-certificates');
|
||||
var httpsOptions = opts.httpsOptions || require('localhost.daplie.com-certificates');
|
||||
var https = require('https');
|
||||
var http = require('http');
|
||||
|
||||
|
|
|
|||
|
|
@ -37,6 +37,7 @@
|
|||
"homedir": "^0.6.0",
|
||||
"le-acme-core": "^2.0.5",
|
||||
"le-challenge-manual": "^2.0.0",
|
||||
"le-challenge-sni": "^2.0.0",
|
||||
"le-challenge-standalone": "^2.0.0",
|
||||
"le-store-certbot": "^2.0.2",
|
||||
"letsencrypt": "^2.1.2",
|
||||
|
|
|
|||
Loading…
Reference in New Issue