Compare commits


1 Commits

Author SHA1 Message Date
28adbff624 v1.1.1: update urls 2018-10-18 21:38:27 -06:00
4 changed files with 1 additions and 112 deletions

.gitignore vendored
View File

@ -25,7 +25,3 @@ build/Release
# Deployed apps should consider commenting this line out: # Deployed apps should consider commenting this line out:
# see https://npmjs.org/doc/faq.html#Should-I-check-my-node_modules-folder-into-git # see https://npmjs.org/doc/faq.html#Should-I-check-my-node_modules-folder-into-git
node_modules node_modules
# IntelliJ
.idea
*.iml
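Review bot: dropping the `# IntelliJ`, `.idea` and `*.iml` entries from `.gitignore` is unrelated to the commit message "v1.1.1: update urls" and will let IDE project files slip into future commits; keep the three lines, or move the removal into its own commit with a message that explains it.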

View File

@ -125,74 +125,6 @@ So instead of trying to work through eleventeen brazillion errors
about self-signed certs, you can just create an authority and then about self-signed certs, you can just create an authority and then
add the authority to your chain (viola, now it's trusted). add the authority to your chain (viola, now it's trusted).
Client Authentication
====
In the example above, the server trusts the client without the need for the client to be authenticated.
So, a common enhancement to the example above would be to add client authentication.
To add client authentication, it's necessary to generate a client key and have it signed by the CA defined above.
Execute `make-client-key-certificate.sh` to generate key and certificate.
To use generated key and certificate, `key`, `cert` and `passphrase` TLS options need to be added, e.g.:
```
var ca = fs.readFileSync(path.join(__dirname, 'certs', 'client', 'chain.pem'));
var key = fs.readFileSync(path.join(__dirname, 'certs', 'client-auth', 'privkey.pem'));
var passphrase = 'secret';
var cert = fs.readFileSync(path.join(__dirname, 'certs', 'client-auth', 'cert.pem'));
var options = {
host: hostname
, port: port
, path: '/'
, ca: ca
, key: key
, passphrase: passphrase
, cert: cert
};
```
Generating Java Key Stores
====
If the server component is written in Java, the server needs to be plugged with a Java KeyStore containing security certificates.
In the example above, the `fullchain.pem` file needs to be converted into a Java KeyStore file.
To create a Java KeyStore file, the JDK needs to be installed and have `keytool` utility in the path.
To do that, please follow these instructions:
$ mkdir certs/java/server
$ openssl pkcs12 \
-export \
-inkey certs/server/privkey.pem \
-in certs/server/fullchain.pem \
-name test \
-out certs/java/server/keystore_server.p12
$ keytool \
-importkeystore \
-srckeystore certs/java/server/keystore_server.p12 \
-srcstoretype pkcs12 \
-destkeystore certs/java/server/keystore_server.jks
Trust Store for Client Authentication
----
If using client authentication, it is necessary for the server to trust to the client.
To do that, it's necessary for a trust store to be created that contains the client's public key.
Such a trust store can be created using these steps:
$ rsync -a certs/ca/my-root-ca.crt.pem certs/client-auth/chain.pem
$ cat certs/client-auth/cert.pem certs/client-auth/chain.pem > certs/client-auth/fullchain.pem
$ openssl pkcs12
\-export
\-inkey certs/client-auth/privkey.pem
\-in certs/client-auth/fullchain.pem
\-name test
\-out certs/infinispan/trustore_server.p12
$ keytool
\-importkeystore
\-srckeystore certs/infinispan/trustore_server.p12
\-srcstoretype pkcs12
\-destkeystore certs/infinispan/trustore_server.jks
Other SSL Resources Other SSL Resources
========= =========
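Review bot: the entire "Client Authentication" and "Generating Java Key Stores" sections are removed with no replacement and no pointer, which a commit titled "update urls" does not signal; if the material is intentionally moving out (the "Trusted Peer Client Certificate Example" link further down covers the same ground), say so in the commit message and leave a one-line cross-reference where the sections were. Two of the removed lines should not be carried over anywhere if the text is reinstated: the snippet hard-codes `var passphrase = 'secret';` beside the key path, and the "Trust Store for Client Authentication" steps feed the client's private key (`-inkey certs/client-auth/privkey.pem`) into what the prose describes as a trust store holding "the client's public key"; a trust store should contain only certificates, never a private key.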
@ -202,7 +134,6 @@ Zero-Config clone 'n' run (tm) Repos:
* [node.js HTTPS SSL Example](https://github.com/coolaj86/nodejs-ssl-example) * [node.js HTTPS SSL Example](https://github.com/coolaj86/nodejs-ssl-example)
* [node.js HTTPS SSL Self-Signed Certificate Example](https://git.coolaj86.com/coolaj86/nodejs-self-signed-certificate-example) * [node.js HTTPS SSL Self-Signed Certificate Example](https://git.coolaj86.com/coolaj86/nodejs-self-signed-certificate-example)
* [node.js HTTPS SSL Trusted Peer Client Certificate Example](https://github.com/coolaj86/nodejs-ssl-trusted-peer-example) * [node.js HTTPS SSL Trusted Peer Client Certificate Example](https://github.com/coolaj86/nodejs-ssl-trusted-peer-example)
* [node.js HTTPS SSL module for Loopback](https://www.npmjs.com/package/loopback-ssl)
* [SSL Root CAs](https://github.com/coolaj86/node-ssl-root-cas) * [SSL Root CAs](https://github.com/coolaj86/node-ssl-root-cas)
Articles Articles
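Review bot: the new `loopback-ssl` entry is an npm module rather than a clone-and-run repository, so it sits oddly under the "Zero-Config clone 'n' run (tm) Repos:" heading; list it under a separate modules item or in "Other SSL Resources", and for consistency with the neighbouring entries link to the package's source repository rather than the registry page.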

View File

@ -1,38 +0,0 @@
#!/bin/bash
FQDN=$1
# make directories to work from
mkdir -p certs/{client-auth}
# Generate a client private key
openssl genrsa \
-passout pass:secret \
-out certs/client-auth/privkey.pem \
2048
# Create a request from your Device, which your Root CA will sign
openssl req -new \
-key certs/client-auth/privkey.pem \
-out certs/tmp/client-csr.pem \
-subj "/C=US/ST=Utah/L=Provo/O=ACME Tech Inc/CN=${FQDN}"
# Sign the request from Device with your Root CA
openssl x509 \
-req -in certs/tmp/client-csr.pem \
-CA certs/ca/my-root-ca.crt.pem \
-CAkey certs/ca/my-root-ca.key.pem \
-CAcreateserial \
-out certs/client-auth/cert.pem \
-days 500
# Create a public key, for funzies
# see https://gist.github.com/coolaj86/f6f36efce2821dfb046d
openssl rsa \
-in certs/server/privkey.pem \
-pubout -out certs/client/pubkey.pem
# Put things in their proper place
rsync -a certs/ca/my-root-ca.crt.pem certs/server/chain.pem
rsync -a certs/ca/my-root-ca.crt.pem certs/client/chain.pem
cat certs/server/cert.pem certs/server/chain.pem > certs/server/fullchain.pem
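Review bot: deleting this script matches the removal of the "Client Authentication" section from README.md, but if it is ever restored it needs fixes rather than a straight revert: `mkdir -p certs/{client-auth}` does not brace-expand with a single element and creates a literal `certs/{client-auth}` directory, `certs/tmp` is never created before the CSR is written there, `-passout pass:secret` on `openssl genrsa` has no effect without a cipher option so `privkey.pem` is written unencrypted, the "public key" step reads `certs/server/privkey.pem` instead of the client key it just generated, and the closing `rsync`/`cat` lines assemble `certs/server/fullchain.pem` rather than a client chain under `certs/client-auth/`.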

View File

@ -1,6 +1,6 @@
{ {
"name": "nodejs-self-signed-certificate-example", "name": "nodejs-self-signed-certificate-example",
"version": "1.1.2", "version": "1.1.1",
"description": "The end off all your self-sign certificate woes (in node.js at least)", "description": "The end off all your self-sign certificate woes (in node.js at least)",
"main": "serve.js", "main": "serve.js",
"scripts": { "scripts": {
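Review bot: `"version"` goes from `1.1.2` on the left to `1.1.1` on the right, so either the compare is base/head reversed or this commit lowers the package version, which breaks semver ordering for anyone who already installed 1.1.2; confirm the direction of the compare before merging. The unchanged `"description"` also reads "The end off all" where "end of all" is meant, worth fixing in a follow-up.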