examples in README.md
parent
b430cbce7a
commit
bcad51d046
123
README.md
123
README.md
|
@ -41,34 +41,48 @@ You will follow these steps to obtain certificates:
|
||||||
|
|
||||||
var LeCore = require('letiny-core');
|
var LeCore = require('letiny-core');
|
||||||
|
|
||||||
var accountPrivateKeyPem = '...'; // leCrypto.generateRsaKeypair(bitLen, exp, cb)
|
var email = 'user@example.com'; // CHANGE TO YOUR EMAIL
|
||||||
var domainPrivateKeyPem = '...'; // (same)
|
var domains = 'example.com'; // CHANGE TO YOUR DOMAIN
|
||||||
var challengeStore = { /*get, set, remove*/ }; // see below for example
|
var acmeDiscoveryUrl = LeCore.stagingServerUrl; // CHANGE to production, when ready
|
||||||
|
|
||||||
LeCore.getAcmeUrls(
|
var challengeStore = require('./challenge-store');
|
||||||
LeCore.stagingServerUrl // or choose LeCore.productionServerUrl
|
var certStore = require('./cert-store');
|
||||||
, function (err, urls) {
|
var serve = require('./serve');
|
||||||
|
var closer;
|
||||||
|
|
||||||
|
var accountPrivateKeyPem = null;
|
||||||
|
var domainPrivateKeyPem = null;
|
||||||
|
var acmeUrls = null;
|
||||||
|
|
||||||
|
LeCore.leCrypto.generateRsaKeypair(2048, 65537, function (err, pems) {
|
||||||
|
// ...
|
||||||
|
LeCore.getAcmeUrls(acmeDiscoveryUrl, function (err, urls) {
|
||||||
|
// ...
|
||||||
|
runDemo();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
function runDemo() {
|
||||||
LeCore.registerNewAccount(
|
LeCore.registerNewAccount(
|
||||||
{ newRegUrl: urls.newReg
|
{ newRegUrl: acmeUrls.newReg
|
||||||
, email: 'user@example.com'
|
, email: email
|
||||||
, accountPrivateKeyPem: accountPrivateKeyPem
|
, accountPrivateKeyPem: accountPrivateKeyPem
|
||||||
, agreeToTerms: function (tosUrl, done) {
|
, agreeToTerms: function (tosUrl, done) {
|
||||||
// agree to these exact terms
|
|
||||||
|
// agree to the exact version of these terms
|
||||||
done(null, tosUrl);
|
done(null, tosUrl);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
, function (err, regr) {
|
, function (err, regr) {
|
||||||
|
|
||||||
// Note: you should save the registration
|
console.log('Registering New Certificate');
|
||||||
// record to disk (or db)
|
|
||||||
|
|
||||||
LeCore.getCertificate(
|
LeCore.getCertificate(
|
||||||
{ newAuthzUrl: urls.newAuthz
|
{ newAuthzUrl: acmeUrls.newAuthz
|
||||||
, newCertUrl: urls.newCert
|
, newCertUrl: acmeUrls.newCert
|
||||||
|
|
||||||
, domainPrivateKeyPem: domainPrivateKeyPem
|
, domainPrivateKeyPem: domainPrivateKeyPem
|
||||||
, accountPrivateKeyPem: accountPrivateKeyPem
|
, accountPrivateKeyPem: accountPrivateKeyPem
|
||||||
|
, domains: domains
|
||||||
|
|
||||||
, setChallenge: challengeStore.set
|
, setChallenge: challengeStore.set
|
||||||
, removeChallenge: challengeStore.remove
|
, removeChallenge: challengeStore.remove
|
||||||
|
@ -76,15 +90,28 @@ LeCore.getAcmeUrls(
|
||||||
, function (err, certs) {
|
, function (err, certs) {
|
||||||
|
|
||||||
// Note: you should save certs to disk (or db)
|
// Note: you should save certs to disk (or db)
|
||||||
|
certStore.set(domains[0], certs, function () {
|
||||||
|
|
||||||
}
|
// ...
|
||||||
)
|
|
||||||
|
});
|
||||||
|
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Setup the Server
|
||||||
|
//
|
||||||
|
closer = serve.init({
|
||||||
|
LeCore: LeCore
|
||||||
|
// needs a default key and cert chain, anything will do
|
||||||
|
, httpsOptions: require('localhost.daplie.com-certificates')
|
||||||
|
, challengeStore: challengeStore
|
||||||
|
, certStore: certStore
|
||||||
|
});
|
||||||
```
|
```
|
||||||
|
|
||||||
#### Run a Server on 80, 443, and 5001 (https/tls)
|
#### Run a Server on 80, 443, and 5001 (https/tls)
|
||||||
|
@ -92,26 +119,57 @@ LeCore.getAcmeUrls(
|
||||||
That will fail unless you have a webserver running on 80 and 443 (or 5001)
|
That will fail unless you have a webserver running on 80 and 443 (or 5001)
|
||||||
to respond to `/.well-known/acme-challenge/xxxxxxxx` with the proper token
|
to respond to `/.well-known/acme-challenge/xxxxxxxx` with the proper token
|
||||||
|
|
||||||
```javascript
|
**But wait**, there's more!
|
||||||
var localCerts = require('localhost.daplie.com-certificates'); // needs default certificates
|
See [example/serve.js](https://github.com/Daplie/letiny-core/blob/master/example/serve.js)
|
||||||
var http = require('http');
|
|
||||||
var httsp = require('https');
|
|
||||||
|
|
||||||
|
```javascript
|
||||||
|
var https = require('https');
|
||||||
|
var http = require('http');
|
||||||
|
|
||||||
|
|
||||||
|
var LeCore = deps.LeCore;
|
||||||
|
var httpsOptions = deps.httpsOptions;
|
||||||
|
var challengeStore = deps.challengeStore;
|
||||||
|
var certStore = deps.certStore;
|
||||||
|
|
||||||
|
|
||||||
|
//
|
||||||
|
// Challenge Handler
|
||||||
|
//
|
||||||
function acmeResponder(req, res) {
|
function acmeResponder(req, res) {
|
||||||
if (0 !== req.url.indexOf(LeCore.acmeChallengePrefixUrl)) {
|
if (0 !== req.url.indexOf(LeCore.acmeChallengePrefix)) {
|
||||||
res.end('Hello World!');
|
res.end('Hello World!');
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
LeCore.
|
var key = req.url.slice(LeCore.acmeChallengePrefix.length);
|
||||||
|
|
||||||
|
challengeStore.get(req.hostname, key, function (err, val) {
|
||||||
|
res.end(val || 'Error');
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
http.createServer()
|
|
||||||
|
//
|
||||||
|
// Server
|
||||||
|
//
|
||||||
|
https.createServer(httpsOptions, acmeResponder).listen(5001, function () {
|
||||||
|
console.log('Listening https on', this.address());
|
||||||
|
});
|
||||||
|
http.createServer(acmeResponder).listen(80, function () {
|
||||||
|
console.log('Listening http on', this.address());
|
||||||
|
});
|
||||||
```
|
```
|
||||||
|
|
||||||
|
#### Put some storage in place
|
||||||
|
|
||||||
Finally, you need an implementation of `challengeStore`:
|
Finally, you need an implementation of `challengeStore`:
|
||||||
|
|
||||||
#### Put some storage in place
|
**But wait**, there's more!
|
||||||
|
See
|
||||||
|
|
||||||
|
* [example/challenge-store.js](https://github.com/Daplie/letiny-core/blob/master/challenge-store.js)
|
||||||
|
* [example/cert-store.js](https://github.com/Daplie/letiny-core/blob/master/cert-store.js)
|
||||||
|
|
||||||
```javascript
|
```javascript
|
||||||
var challengeCache = {};
|
var challengeCache = {};
|
||||||
|
@ -128,6 +186,21 @@ var challengeStore = {
|
||||||
cb(null);
|
cb(null);
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
var certCache = {};
|
||||||
|
var certStore = {
|
||||||
|
set: function (hostname, certs, cb) {
|
||||||
|
certCache[hostname] = certs;
|
||||||
|
cb(null);
|
||||||
|
}
|
||||||
|
, get: function (hostname, cb) {
|
||||||
|
cb(null, certCache[hostname]);
|
||||||
|
}
|
||||||
|
, remove: function (hostname, cb) {
|
||||||
|
delete certCache[hostname];
|
||||||
|
cb(null);
|
||||||
|
}
|
||||||
|
};
|
||||||
```
|
```
|
||||||
|
|
||||||
## API
|
## API
|
||||||
|
|
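Review bot: In the third hunk's `acmeResponder`, the challenge lookup passes `req.hostname`, which Node's core `http`/`https` request object does not provide (it is an Express property), and the handler goes straight into `http.createServer(acmeResponder)`, so as shown the store is queried with `undefined`. Derive the name from the Host header instead, e.g. `var hostname = (req.headers.host || '').replace(/:\d+$/, '').toLowerCase();`, and pass that to `challengeStore.get`. Because the Host header and the token path are both client-supplied, the example should state that the store answers only for hostname/key pairs it received through `set`; the in-memory caches in this README are plain `{}` objects, where `Object.create(null)` or a `Map` avoids matching inherited keys. The callback also ignores `err` and answers a miss with a 200 body of `'Error'`; `if (err || !val) { res.statusCode = 404; res.end(); return; }` would be a safer pattern for readers who copy it. The snippet is an excerpt (`deps` is defined outside it), so this assumes no framework wraps the request before the handler runs.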