Free SSL and Automatic HTTPS for node.js with KOA and other middleware systems via ACME (Let's Encrypt)
Je kunt niet meer dan 25 onderwerpen selecteren Onderwerpen moeten beginnen met een letter of nummer, kunnen streepjes bevatten ('-') en kunnen maximaal 35 tekens lang zijn.
AJ ONeal f2b21a9572 typo fix 4 jaren geleden
.github Update '.github/ISSUE_TEMPLATE.md' 5 jaren geleden
.gitignore Initial commit 8 jaren geleden
LICENSE update LICENSE 6 jaren geleden
README.md Update 'README.md' 5 jaren geleden
index.js typo fix 4 jaren geleden
package.json v2.1.4: fix typo in README 5 jaren geleden

README.md

Greenlock™ for Koa

An Automated HTTPS ACME client (Let's Encrypt v2) for Koa

Greenlock™ for Browsers, Node.js, Commandline, Express.js, Node.js Cluster, hapi, Koa, and rill | Sponsered by ppl

Features

  • Automatic Registration via SNI (httpsOptions.SNICallback)
  • Secure domain approval callback
  • Automatic renewal between 10 and 14 days before expiration
  • Virtual Hosting (vhost) with Multiple Domains & SAN
  • and more
  • plugins for AWS, redis, and more

This module is just an alias for greenlock-express.js, which works with any middleware system.

Install

npm install --save greenlock-koa@2.x

QuickStart

'use strict';

//////////////////////
// Greenlock Setup  //
//////////////////////

var greenlock = require('greenlock-koa').create({
  version: 'draft-11' // Let's Encrypt v2
  // You MUST change this to 'https://acme-v02.api.letsencrypt.org/directory' in production
, server: 'https://acme-staging-v02.api.letsencrypt.org/directory'

, email: 'jon@example.com'
, agreeTos: true
, approveDomains: [ 'example.com' ]

  // Join the community to get notified of important updates
  // and help make greenlock better
, communityMember: true

, configDir: require('os').homedir() + '/acme/etc'

//, debug: true
});


//////////////////
// Just add Koa //
//////////////////

var http = require('http');
var https = require('https');
var koa = require('koa');
var app = new koa();

app.use(function *() {
  this.body = 'Hello World';
});

// https server
var server = https.createServer(greenlock.tlsOptions, greenlock.middleware(app.callback()));

server.listen(443, function () {
 console.log('Listening at https://localhost:' + this.address().port);
});


// http redirect to https
var http = require('http');
var redirectHttps = app.use(require('koa-sslify')()).callback();
http.createServer(greenlock.middleware(redirectHttps)).listen(80, function () {
  console.log('Listening on port 80 to handle ACME http-01 challenge and redirect to https');
});

Handling a dynamic list of domains

If you handle multiple domains and you dynamically add new ones, you'll want to replace the static list of domains in approveDomains with a function like this:

function approveDomains(opts, certs, cb) {
  // This is where you check your database and associated
  // email addresses with domains and agreements and such

  // The domains being approved for the first time are listed in opts.domains
  // Certs being renewed are listed in certs.altnames
  if (certs) {
    opts.domains = certs.altnames;
  }
  else {
    // Do something to
    opts.email = 'john.doe@example.com';
    opts.agreeTos = true;
  }

  opts.communityMember = true;

  // NOTE: you can also change other options such as `challengeType` and `challenge`
  // opts.challengeType = 'http-01';
  // opts.challenge = require('le-challenge-fs').create({});

  cb(null, { options: opts, certs: certs });
}

SECURITY: Be careful with this. If you don't check that the domains being requested are the domains you allow an attacker can make you hit your rate limit for failed verification attempts.

See the vhost example for an idea of how this is done.

More Usage & Troubleshooting

See https://git.coolaj86.com/coolaj86/greenlock-express.js