For security, you must specify which sites you allow to request certificates. If you need this to be dynamic (i.e. checking a database or API, see the section below on custom site managers).
Every site has a "subject" (its primary domain name) and one or more "altnames" (secondary or related domain names on the same certificate).
### Using CLI (simple, recommended)
Simply supply the names of sites that you manage and they will be added to the file system config, or database.
```bash
# Note: you can use the CLI to edit the config file
When you run `npm start`, it will automatically run `node server.js` (or `package.json.scripts.start`).
For arguments that `npm start` should ignore, place them after `--`.
Here we use `--staging` in order to tell greenlock to issue test certificates rather than real certificates.
```bash
# Note: you can use npm start to run server.js with the --staging flag set
@ -190,7 +249,40 @@ Listening on 0.0.0.0:80 for ACME challenges and HTTPS redirects
Listening on 0.0.0.0:443 for secure traffic
```
## Walkthrough
If everything worked you can visit your site in your browser, and after a few seconds you'll see a "Hello World" message, and certificates will be saved in `greenlock.d/staging`. Run again without `--staging` and you will get real certificates.
### Season to taste
Now you're ready to update `app.js` with your code. For example, try this next: