make production default

This commit is contained in:
AJ ONeal 2018-05-19 17:54:08 -06:00
parent 2dab010be3
commit 6953068a7b
6 changed files with 39 additions and 21 deletions

View File

@ -102,8 +102,9 @@ require('greenlock-express').create({
// Let's Encrypt v2 is ACME draft 11 // Let's Encrypt v2 is ACME draft 11
version: 'draft-11' version: 'draft-11'
// You MUST change 'acme-staging-v02' to 'acme-v02' in production , server: 'https://acme-v02.api.letsencrypt.org/directory'
, server: 'https://acme-staging-v02.api.letsencrypt.org/directory' // staging // Note: If at first you don't succeed, switch to staging to debug
// https://acme-staging-v02.api.letsencrypt.org/directory
// You MUST change this to a valid email address // You MUST change this to a valid email address
, email: 'john.doe@example.com' , email: 'john.doe@example.com'
@ -157,18 +158,27 @@ Double check the following:
* **API limits** * **API limits**
* You MUST NOT exceed the API [**usage limits**](https://letsencrypt.org/docs/staging-environment/) per domain, certificate, IP address, etc * You MUST NOT exceed the API [**usage limits**](https://letsencrypt.org/docs/staging-environment/) per domain, certificate, IP address, etc
* **Red Lock, Untrusted** * **Red Lock, Untrusted**
* You MUST change the `server` value **in production** * You MUST use the **production** server url, not staging
* Shorten the 'acme-staging-v02' part of the server URL to 'acme-v02' * The API URL should not have 'acme-staging-v02', but should have 'acme-v02'
* Delete the `configDir` used for getting certificates in staging
### Get it working in staging first! ### Production vs Staging
If at first you don't succeed, stop and switch to staging.
There are a number of common problems related to system configuration - There are a number of common problems related to system configuration -
firewalls, ports, permissions, etc - that you are likely to run up against firewalls, ports, permissions, etc - that you are likely to run up against
when using greenlock for your first time. when using greenlock for your first time.
In order to avoid being blocked by hitting rate limits with bad requests, I've put a "dry run" in place with built-in diagnostics, so hopefully
you should always test against the `staging` server you get everything right on your first or second try.
(`https://acme-staging-v02.api.letsencrypt.org/directory`) first.
However, in order to avoid being blocked by hitting the bad request rate limits
you should switch to using the `staging` server for any testing or debugging.
```
https://acme-staging-v02.api.letsencrypt.org/directory
```
Plugins Plugins
===== =====
@ -254,8 +264,9 @@ It looks a little more like this:
// returns an instance of greenlock.js with additional helper methods // returns an instance of greenlock.js with additional helper methods
var lex = require('greenlock-express').create({ var lex = require('greenlock-express').create({
// set to https://acme-v02.api.letsencrypt.org/directory in production server: 'https://acme-v02.api.letsencrypt.org/directory'
server: 'https://acme-staging-v02.api.letsencrypt.org/directory' // Note: If at first you don't succeed, stop and switch to staging:
// https://acme-staging-v02.api.letsencrypt.org/directory
, version: 'draft-11' // Let's Encrypt v2 (ACME v2) , version: 'draft-11' // Let's Encrypt v2 (ACME v2)
// If you wish to replace the default account and domain key storage plugin // If you wish to replace the default account and domain key storage plugin

View File

@ -3,7 +3,12 @@
//require('greenlock-express') //require('greenlock-express')
require('../').create({ require('../').create({
server: 'staging' // Let's Encrypt v2 is ACME draft 11
version: 'draft-11'
, server: 'https://acme-v02.api.letsencrypt.org/directory'
// Note: If at first you don't succeed, stop and switch to staging
// https://acme-staging-v02.api.letsencrypt.org/directory
, email: 'john.doe@example.com' , email: 'john.doe@example.com'

View File

@ -21,8 +21,9 @@ require('../').create({
// Let's Encrypt v2 is ACME draft 11 // Let's Encrypt v2 is ACME draft 11
version: 'draft-11' version: 'draft-11'
// You MUST change 'acme-staging-v02' to 'acme-v02' in production , server: 'https://acme-v02.api.letsencrypt.org/directory'
, server: 'https://acme-staging-v02.api.letsencrypt.org/directory' // staging // Note: If at first you don't succeed, stop and switch to staging
// https://acme-staging-v02.api.letsencrypt.org/directory
// The previous 'simple' example set these values statically, // The previous 'simple' example set these values statically,
// but this example uses approveDomains() to set them dynamically // but this example uses approveDomains() to set them dynamically

View File

@ -18,10 +18,9 @@ var secret = require('crypto').randomBytes(16).toString('hex');
require('../').create({ require('../').create({
version: 'draft-11' version: 'draft-11'
// WARNING: This runs PRODUCTION by default. , server: 'https://acme-v02.api.letsencrypt.org/directory'
// Uncomment staging instead if you're a first-timer. // Note: If at first you don't succeed, stop and switch to staging
, server: 'https://acme-v02.api.letsencrypt.org/directory' // production // https://acme-staging-v02.api.letsencrypt.org/directory
//, server: 'https://acme-staging-v02.api.letsencrypt.org/directory' // staging
, email: email , email: email
, agreeTos: agreeLeTos , agreeTos: agreeLeTos

View File

@ -6,8 +6,9 @@ require('../').create({
// Let's Encrypt v2 is ACME draft 11 // Let's Encrypt v2 is ACME draft 11
version: 'draft-11' version: 'draft-11'
// You MUST change 'acme-staging-v02' to 'acme-v02' in production , server: 'https://acme-v02.api.letsencrypt.org/directory'
, server: 'https://acme-staging-v02.api.letsencrypt.org/directory' // Note: If at first you don't succeed, stop and switch to staging
// https://acme-staging-v02.api.letsencrypt.org/directory
// You MUST change this to a valid email address // You MUST change this to a valid email address
, email: 'john.doe@example.com' , email: 'john.doe@example.com'

View File

@ -21,8 +21,9 @@ require('../').create({
// Let's Encrypt v2 is ACME draft 11 // Let's Encrypt v2 is ACME draft 11
version: 'draft-11' version: 'draft-11'
// You MUST change 'acme-staging-v02' to 'acme-v02' in production , server: 'https://acme-v02.api.letsencrypt.org/directory'
, server: 'https://acme-v02.api.letsencrypt.org/directory' // staging // Note: If at first you don't succeed, stop and switch to staging
// https://acme-staging-v02.api.letsencrypt.org/directory
, approveDomains: function (opts, certs, cb) { , approveDomains: function (opts, certs, cb) {
// In this example the filesystem is our "database". // In this example the filesystem is our "database".