AJ ONeal
5 years ago
1 changed files with 67 additions and 0 deletions
@ -0,0 +1,67 @@ |
|||
#!/usr/bin/env node
|
|||
'use strict'; |
|||
/*global Promise*/ |
|||
|
|||
///////////////////////
|
|||
// wildcard example //
|
|||
//////////////////////
|
|||
|
|||
//
|
|||
// wildcard example
|
|||
//
|
|||
|
|||
//var glx = require('greenlock-express')
|
|||
var glx = require('./').create({ |
|||
|
|||
version: 'draft-11' // Let's Encrypt v2 is ACME draft 11
|
|||
|
|||
, server: 'https://acme-staging-v02.api.letsencrypt.org/directory' |
|||
//, server: 'https://acme-v02.api.letsencrypt.org/directory' // If at first you don't succeed, stop and switch to staging
|
|||
// https://acme-staging-v02.api.letsencrypt.org/directory
|
|||
|
|||
, configDir: '~/acme/' // You MUST have access to write to directory where certs
|
|||
// are saved. ex: /home/foouser/.config/acme
|
|||
|
|||
, approveDomains: myApproveDomains // Greenlock's wraps around tls.SNICallback. Check the
|
|||
// domain name here and reject invalid ones
|
|||
|
|||
, app: require('./my-express-app.js') // Any node-style http app (i.e. express, koa, hapi, rill)
|
|||
|
|||
/* CHANGE TO A VALID EMAIL */ |
|||
, email: 'jon.doe@example.com' // Email for Let's Encrypt account and Greenlock Security
|
|||
, agreeTos: true // Accept Let's Encrypt ToS
|
|||
, communityMember: true // Join Greenlock to (very rarely) get important updates
|
|||
|
|||
//, debug: true
|
|||
, store: require('le-store-fs') |
|||
}); |
|||
|
|||
var server = glx.listen(80, 443); |
|||
server.on('listening', function () { |
|||
console.info(server.type + " listening on", server.address()); |
|||
}); |
|||
|
|||
function myApproveDomains(opts) { |
|||
console.log('sni:', opts.domains[0]); |
|||
|
|||
// must be 'example.com' or start with 'example.com'
|
|||
if ('example.com' !== opts.domains[0] |
|||
&& 'example.com' !== opts.domains[0].split('.').slice(1).join('.')) { |
|||
return Promise.reject(new Error("we don't serve your kind here: " + opts.domains[0])); |
|||
} |
|||
|
|||
// the primary domain for the cert
|
|||
opts.subject = 'example.com'; |
|||
// the altnames (including the primary)
|
|||
opts.domains = [ opts.subject, '*.example.com' ]; |
|||
|
|||
if (!opts.challenges) { opts.challenges = {}; } |
|||
opts.challenges['http-01'] = require('le-challenge-fs').create({}); |
|||
opts.challenges['dns-01'] = require('le-challenge-dns').create({}); |
|||
|
|||
// explicitly set account id and certificate.id
|
|||
opts.account = { id: opts.email }; |
|||
opts.certificate = { id: opts.subject }; |
|||
|
|||
return Promise.resolve(opts); |
|||
} |
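Review bot: The comment above the guard in `myApproveDomains` says the name must "start with 'example.com'", but the check accepts `example.com` itself or exactly one label in front of it, so it should read `// must be 'example.com' or a single-label subdomain of it (what *.example.com covers)`. The guard also dereferences `opts.domains[0]` before validating it, so a missing or empty `domains` would throw synchronously rather than return the rejected promise; a leading `if (!opts.domains || 'string' !== typeof opts.domains[0]) { return Promise.reject(new Error('missing servername')); }` keeps that failure on the promise path (whether Greenlock can call it that way is not visible here). Judging by the `'sni:'` label and the option comment, that value is the client-supplied server name, and it goes into the log and the error message as-is; wrapping it in `JSON.stringify(opts.domains[0])` would keep control characters out of the log. The two `require(...).create({})` calls run on every approval and could be hoisted to module scope. A short comment noting that the `*.example.com` altname can only be validated through `dns-01` would also help readers who copy this example.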