"use strict"; //var Greenlock = require('greenlock-express') var Greenlock = require("../"); var greenlock = Greenlock.create({ // Let's Encrypt v2 is ACME draft 11 version: "draft-11", server: "https://acme-v02.api.letsencrypt.org/directory", // Note: If at first you don't succeed, stop and switch to staging // https://acme-staging-v02.api.letsencrypt.org/directory // You MUST change this to a valid email address email: "jon@example.com", // You MUST NOT build clients that accept the ToS without asking the user agreeTos: true, // You MUST change these to valid domains // NOTE: all domains will validated and listed on the certificate approvedDomains: ["example.com", "www.example.com"], // You MUST have access to write to directory where certs are saved // ex: /home/foouser/acme/etc configDir: "~/.config/acme/", // Get notified of important updates and help me make greenlock better communityMember: true //, debug: true }); //////////////////////// // http-01 Challenges // //////////////////////// // http-01 challenge happens over http/1.1, not http2 var redirectHttps = require("redirect-https")(); var acmeChallengeHandler = greenlock.middleware(redirectHttps); require("http") .createServer(acmeChallengeHandler) .listen(80, function() { console.log("Listening for ACME http-01 challenges on", this.address()); }); //////////////////////// // node.js' http2 api // //////////////////////// // http2 is a new API with which you would use hapi or koa, not express var server = require("http2").createSecureServer(greenlock.tlsOptions); server.on("error", function(err) { console.error(err); }); // WARNING: Because the middleware don't handle this API style, // the Host headers are unmodified and potentially dangerous // (ex: Host: Robert'); DROP TABLE Students;) server.on("stream", function(stream, headers) { console.log(headers); stream.respond({ "content-type": "text/html", ":status": 200 }); stream.end("Hello, HTTP2 World!"); }); server.on("listening", function() { console.log("Listening for http2 requests on", this.address()); }); server.listen(443);