greenlock.js/examples/express-minimal.js

58 lines
1.7 KiB
JavaScript
Raw Permalink Normal View History

'use strict';
var LE = require('../');
var config = require('./config-minimal');
// Note: you should make this special dir in your product and leave it empty
config.le.webrootPath = __dirname + '/../tests/acme-challenge';
config.le.server = LE.stagingServer;
var le = LE.create(config.backend, config.le, {
sniRegisterCallback: function (args, expiredCert, cb) {
// In theory you should never get an expired certificate because
// the certificates automatically renew in the background starting
// about a week before they expire.
// (the default behavior is to randomly stagger renewals)
// so in this case we'll just return the expired certificate
if (expiredCert) { return cb(null, expiredCert); }
// If we get here that means this domain hasn't been registered yet
// Security Warning: you should either manually register domains
// and return null here or check that the sni header isn't being
// spoofed and this is actually a domain you own before registering
//
// cb(null, null);
var hostname = args.domains[0];
console.log("[TODO] check that '" + hostname + "' is one I expect");
args.agreeTos = true;
args.email = 'user@example.com';
le.register(args, cb);
}
});
//
// Express App
//
var app = require('express')();
app.use('/', le.middleware());
//
// HTTP & HTTPS servers
//
require('http').createServer(app).listen(config.plainPort, function () {
console.log('Listening http', this.address());
});
require('https').createServer({
key: config.tlsKey
, cert: config.tlsCert
, SNICallback: le.sniCallback
}, app).listen(config.tlsPort, function () {
console.log('Listening http', this.address());
});