|
|
@ -1,5 +1,36 @@ |
|
|
|
'use strict'; |
|
|
|
|
|
|
|
// IMPORTANT
|
|
|
|
// IMPORTANT
|
|
|
|
// IMPORTANT
|
|
|
|
//
|
|
|
|
// Ready? DON'T OVERTHINK IT!!! (Seriously, this is a huge problem)
|
|
|
|
//
|
|
|
|
// If you get confused, you're probably smart and thinking too deep.
|
|
|
|
//
|
|
|
|
// Want an explanation of how and why? Okay...
|
|
|
|
// https://coolaj86.com/articles/lets-encrypt-v2-step-by-step/
|
|
|
|
//
|
|
|
|
// But really, you probably don't want to know how and why (because then you'd be implementing your own from scratch)
|
|
|
|
//
|
|
|
|
// IMPORTANT
|
|
|
|
// IMPORTANT
|
|
|
|
// IMPORTANT
|
|
|
|
//
|
|
|
|
// If you want to create a storage strategy quick-and-easy, treat everything as either dumb strings or JSON blobs
|
|
|
|
// (just as is done here), don't try to do clever optimizations, 5th normal form, etc (you ain't gonna need it),
|
|
|
|
// but DO use the simple test provided by `greenlock-store-test`.
|
|
|
|
//
|
|
|
|
// IMPORTANT
|
|
|
|
// IMPORTANT
|
|
|
|
// IMPORTANT
|
|
|
|
//
|
|
|
|
// Don't get fancy. Don't overthink it.
|
|
|
|
// If you want to be fancy and clever, do that after you can pass `greenlock-store-test` the dumb way shown here.
|
|
|
|
//
|
|
|
|
// Also: please do contribute clarifying comments.
|
|
|
|
|
|
|
|
|
|
|
|
module.exports.create = function (opts) { |
|
|
|
// pass in database url, connection string, filepath,
|
|
|
|
// or whatever it is you need to get your job done well
|
|
|
@ -73,10 +104,15 @@ module.exports.create = function (opts) { |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// The certificate keypairs must not be the same as any account keypair
|
|
|
|
// The certificate keypairs (properly named privkey.pem, though sometimes sutpidly called cert.key)
|
|
|
|
// https://community.letsencrypt.org/t/what-are-those-pem-files/18402
|
|
|
|
// Certificate Keypairs must not be used for Accounts and vice-versamust not be the same as any account keypair
|
|
|
|
//
|
|
|
|
store.certificates.setKeypair = function (opts) { |
|
|
|
console.log('certificates.setKeypair:', opts.certificate, opts.subject, opts.keypair); |
|
|
|
|
|
|
|
// The ID is a string that doesn't clash between accounts and certificates.
|
|
|
|
// That's all you need to know... unless you're doing something special (in which case you're on your own).
|
|
|
|
var id = opts.certificate.kid || opts.certificate.id || opts.subject; |
|
|
|
var keypair = opts.keypair; |
|
|
|
|
|
|
|
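Review bot: The `console.log` at the top of `store.certificates.setKeypair` prints `opts.keypair`, which the comments added just above identify as the certificate's private key (privkey.pem). Because this file is a template that storage plugins are copied from, the private key would end up in stdout and in whatever log collection sits behind it. The +/- markers are lost on this page, so the line may be unchanged context, but the example should log identifiers only, e.g. `console.log('certificates.setKeypair:', opts.certificate, opts.subject);`, with a comment such as `// never log opts.keypair: it holds the private key`. Separately, the new comment text contains the typo "sutpidly" and the run-together "vice-versamust not be the same as any account keypair", which looks like the tail of the old sentence left behind, unless it is a rendering artifact. The body of `setKeypair` continues outside this hunk.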