le-sni-auto.js/README.md

le-sni-auto
===========

**DRAFT** this is not yet published to npm

An auto-sni strategy for registering and renewing letsencrypt certificates using SNICallback.

This does a couple of rather simple things:

  * caches certificates in memory
  * calls `getCertificatesAsync(domain, null)` when a certificate is not in memory
  * calls `getCertificatesASync(domain, certs)` when a certificate is up for renewal or expired

Install
=======

```bash
npm install --save le-sni-auto@2.x
```

Usage
=====

With node-letsencrypt
---------------------

```javascript
'use strict';


var leSni = require('le-sni-auto').create({

  notBefore: 10 * 24 * 60 * 60 1000       // do not renew more than 10 days before expiration
, notAfter: 5 * 24 * 60 * 60 1000         // do not wait more than 5 days before expiration

, httpsOptions: {
    rejectUnauthorized: true              // These options will be used with tls.createSecureContext()
  , requestCert: false                    // in addition to key (privkey.pem) and cert (cert.pem + chain.pem),
  , ca: null                              // which are provided by letsencrypt
  , crl: null
  }

});


var le = require('letsencrypt').create({
  server: 'staging'

, sni: leSni

, approveDomains: function (domain, cb) {
    // here you would lookup details such as email address in your db
    cb(null, { email: 'john.doe@gmail.com.', domains: [domain, 'www.' + domain], agreeTos: true }}
  }
});


var app = require('express')();
var httpsOptions = { SNICallback: le.sni.callback };

httpsOptions = require('localhost.daplie.com-certificates').merge(httpsOptions);


http.createServer(le.handleAcmeOrRedirectToHttps());
https.createServer(dummyCerts, le.handleAcmeOrUse(app)).listen(443);
```

You can also provide a thunk-style `getCertificates(domain, certs, cb)`.

Standalone
----------

```javascript
'use strict';


var le = require('letsencrypt').create({
  notBefore: 10 * 24 * 60 * 60 1000       // do not renew prior to 10 days before expiration
, notAfter: 5 * 24 * 60 * 60 1000         // do not wait more than 5 days before expiration

  // key (privkey.pem) and cert (cert.pem + chain.pem) will be provided by letsencrypt
, httpsOptions: { rejectUnauthorized: true, requestCert: false, ca: null, crl: null }

, getCertificatesAsync: function (domain, certs) {
    // return a promise with an object with the following keys:
    // { privkey, cert, chain, expiresAt, issuedAt, subject, altnames }
  }
});


var dummyCerts = require('localhost.daplie.com-certificates');
dummyCerts.SNICallback = le.sni.sniCallback;

https.createServer(dummyCerts, );
```

You can also provide a thunk-style `getCertificates(domain, certs, cb)`.
initial commit 2016-08-11 00:37:03 +00:00			`le-sni-auto`
			`===========`

			`DRAFT this is not yet published to npm`

			`An auto-sni strategy for registering and renewing letsencrypt certificates using SNICallback.`

			`This does a couple of rather simple things:`

			`* caches certificates in memory`
			* calls `getCertificatesAsync(domain, null)` when a certificate is not in memory
			* calls `getCertificatesASync(domain, certs)` when a certificate is up for renewal or expired

			`Install`
			`=======`

			```bash
			`npm install --save le-sni-auto@2.x`
			```

			`Usage`
			`=====`

			`With node-letsencrypt`
			`---------------------`

			```javascript
			`'use strict';`



			`var leSni = require('le-sni-auto').create({`

			`notBefore: 10 * 24 * 60 * 60 1000 // do not renew more than 10 days before expiration`
			`, notAfter: 5 * 24 * 60 * 60 1000 // do not wait more than 5 days before expiration`

			`, httpsOptions: {`
			`rejectUnauthorized: true // These options will be used with tls.createSecureContext()`
			`, requestCert: false // in addition to key (privkey.pem) and cert (cert.pem + chain.pem),`
			`, ca: null // which are provided by letsencrypt`
			`, crl: null`
			`}`

			`});`



			`var le = require('letsencrypt').create({`
			`server: 'staging'`

			`, sni: leSni`

			`, approveDomains: function (domain, cb) {`
			`// here you would lookup details such as email address in your db`
			`cb(null, { email: 'john.doe@gmail.com.', domains: [domain, 'www.' + domain], agreeTos: true }}`
			`}`
			`});`



			`var app = require('express')();`
			`var httpsOptions = { SNICallback: le.sni.callback };`

			`httpsOptions = require('localhost.daplie.com-certificates').merge(httpsOptions);`


			`http.createServer(le.handleAcmeOrRedirectToHttps());`
			`https.createServer(dummyCerts, le.handleAcmeOrUse(app)).listen(443);`
			```

			You can also provide a thunk-style `getCertificates(domain, certs, cb)`.

			`Standalone`
			`----------`

			```javascript
			`'use strict';`


			`var le = require('letsencrypt').create({`
			`notBefore: 10 * 24 * 60 * 60 1000 // do not renew prior to 10 days before expiration`
			`, notAfter: 5 * 24 * 60 * 60 1000 // do not wait more than 5 days before expiration`

			`// key (privkey.pem) and cert (cert.pem + chain.pem) will be provided by letsencrypt`
			`, httpsOptions: { rejectUnauthorized: true, requestCert: false, ca: null, crl: null }`

			`, getCertificatesAsync: function (domain, certs) {`
			`// return a promise with an object with the following keys:`
			`// { privkey, cert, chain, expiresAt, issuedAt, subject, altnames }`
			`}`
			`});`




			`var dummyCerts = require('localhost.daplie.com-certificates');`
			`dummyCerts.SNICallback = le.sni.sniCallback;`

			`https.createServer(dummyCerts, );`
			```

			You can also provide a thunk-style `getCertificates(domain, certs, cb)`.