From f088d0326dbe948e5283ec656d4285a758876eab Mon Sep 17 00:00:00 2001
From: AJ ONeal <coolaj86@gmail.com>
Date: Tue, 2 Apr 2019 22:48:57 -0600
Subject: [PATCH] add wildcard example

---
 examples/wildcard.js | 67 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 67 insertions(+)
 create mode 100644 examples/wildcard.js

diff --git a/examples/wildcard.js b/examples/wildcard.js
new file mode 100644
index 0000000..119f00e
--- /dev/null
+++ b/examples/wildcard.js
@@ -0,0 +1,67 @@
+#!/usr/bin/env node
+'use strict';
+/*global Promise*/
+
+///////////////////////
+// wildcard example //
+//////////////////////
+
+//
+// wildcard example
+//
+
+//var glx = require('greenlock-express')
+var glx = require('./').create({
+
+  version: 'draft-11'                                       // Let's Encrypt v2 is ACME draft 11
+
+, server: 'https://acme-staging-v02.api.letsencrypt.org/directory'
+//, server: 'https://acme-v02.api.letsencrypt.org/directory'  // If at first you don't succeed, stop and switch to staging
+                                                            // https://acme-staging-v02.api.letsencrypt.org/directory
+
+, configDir: '~/acme/'                                      // You MUST have access to write to directory where certs
+                                                            // are saved. ex: /home/foouser/.config/acme
+
+, approveDomains: myApproveDomains                          // Greenlock's wraps around tls.SNICallback. Check the
+                                                            // domain name here and reject invalid ones
+
+, app: require('./my-express-app.js')                       // Any node-style http app (i.e. express, koa, hapi, rill)
+
+  /* CHANGE TO A VALID EMAIL */
+, email: 'jon.doe@example.com'                              // Email for Let's Encrypt account and Greenlock Security
+, agreeTos: true                                            // Accept Let's Encrypt ToS
+, communityMember: true                                     // Join Greenlock to (very rarely) get important updates
+
+//, debug: true
+, store: require('le-store-fs')
+});
+
+var server = glx.listen(80, 443);
+server.on('listening', function () {
+  console.info(server.type + " listening on", server.address());
+});
+
+function myApproveDomains(opts) {
+  console.log('sni:', opts.domains[0]);
+
+  // must be 'example.com' or start with 'example.com'
+  if ('example.com' !== opts.domains[0]
+    && 'example.com' !== opts.domains[0].split('.').slice(1).join('.')) {
+    return Promise.reject(new Error("we don't serve your kind here: " + opts.domains[0]));
+  }
+
+  // the primary domain for the cert
+  opts.subject = 'example.com';
+  // the altnames (including the primary)
+  opts.domains = [ opts.subject, '*.example.com' ];
+
+  if (!opts.challenges) { opts.challenges = {}; }
+  opts.challenges['http-01'] = require('le-challenge-fs').create({});
+  opts.challenges['dns-01'] = require('le-challenge-dns').create({});
+
+  // explicitly set account id and certificate.id
+  opts.account = { id: opts.email };
+  opts.certificate = { id: opts.subject };
+
+  return Promise.resolve(opts);
+}