v1.1.1: update urls

.gitignore

@@ -25,7 +25,3 @@ build/Release
 # Deployed apps should consider commenting this line out:
 # see https://npmjs.org/doc/faq.html#Should-I-check-my-node_modules-folder-into-git
 node_modules
-
-# IntelliJ
-.idea
-*.iml

README.md

@@ -125,74 +125,6 @@ So instead of trying to work through eleventeen brazillion errors
 about self-signed certs, you can just create an authority and then
 add the authority to your chain (viola, now it's trusted).
 
-Client Authentication
-====
-
-In the example above, the server trusts the client without the need for the client to be authenticated.
-So, a common enhancement to the example above would be to add client authentication.
-To add client authentication, it's necessary to generate a client key and have it signed by the CA defined above.
-Execute `make-client-key-certificate.sh` to generate key and certificate.
-To use generated key and certificate, `key`, `cert` and `passphrase` TLS options need to be added, e.g.:
-
-```
-var ca = fs.readFileSync(path.join(__dirname, 'certs', 'client', 'chain.pem'));
-var key = fs.readFileSync(path.join(__dirname, 'certs', 'client-auth', 'privkey.pem'));
-var passphrase = 'secret';
-var cert = fs.readFileSync(path.join(__dirname, 'certs', 'client-auth', 'cert.pem'));
-
-var options = {
-  host: hostname
-, port: port
-, path: '/'
-, ca: ca
-, key: key
-, passphrase: passphrase
-, cert: cert
-};
-```
-
-Generating Java Key Stores
-====
-
-If the server component is written in Java, the server needs to be plugged with a Java KeyStore containing security certificates.
-In the example above, the `fullchain.pem` file needs to be converted into a Java KeyStore file.
-To create a Java KeyStore file, the JDK needs to be installed and have `keytool` utility in the path.
-To do that, please follow these instructions:
-
-    $ mkdir certs/java/server
-    $ openssl pkcs12 \
-      -export \
-      -inkey certs/server/privkey.pem \
-      -in certs/server/fullchain.pem \
-      -name test \
-      -out certs/java/server/keystore_server.p12
-    $ keytool \
-      -importkeystore \
-      -srckeystore certs/java/server/keystore_server.p12 \
-      -srcstoretype pkcs12 \
-      -destkeystore certs/java/server/keystore_server.jks
-
-Trust Store for Client Authentication
-----
-
-If using client authentication, it is necessary for the server to trust to the client.
-To do that, it's necessary for a trust store to be created that contains the client's public key.
-Such a trust store can be created using these steps:
-
-    $ rsync -a certs/ca/my-root-ca.crt.pem certs/client-auth/chain.pem
-    $ cat certs/client-auth/cert.pem certs/client-auth/chain.pem > certs/client-auth/fullchain.pem
-    $ openssl pkcs12
-      \-export
-      \-inkey certs/client-auth/privkey.pem
-      \-in certs/client-auth/fullchain.pem
-      \-name test
-      \-out certs/infinispan/trustore_server.p12
-    $ keytool
-      \-importkeystore
-      \-srckeystore certs/infinispan/trustore_server.p12
-      \-srcstoretype pkcs12
-      \-destkeystore certs/infinispan/trustore_server.jks
-
 Other SSL Resources
 =========
 
@@ -202,7 +134,6 @@ Zero-Config clone 'n' run (tm) Repos:
 * [node.js HTTPS SSL Example](https://github.com/coolaj86/nodejs-ssl-example)
 * [node.js HTTPS SSL Self-Signed Certificate Example](https://git.coolaj86.com/coolaj86/nodejs-self-signed-certificate-example)
 * [node.js HTTPS SSL Trusted Peer Client Certificate Example](https://github.com/coolaj86/nodejs-ssl-trusted-peer-example)
-* [node.js HTTPS SSL module for Loopback](https://www.npmjs.com/package/loopback-ssl)
 * [SSL Root CAs](https://github.com/coolaj86/node-ssl-root-cas)
 
 Articles

make-client-key-and-certificate.sh

@@ -1,38 +0,0 @@
-#!/bin/bash
-FQDN=$1
-
-# make directories to work from
-mkdir -p certs/{client-auth}
-
-# Generate a client private key
-openssl genrsa \
-  -passout pass:secret \
-  -out certs/client-auth/privkey.pem \
-  2048
-
-
-# Create a request from your Device, which your Root CA will sign
-openssl req -new \
-  -key certs/client-auth/privkey.pem \
-  -out certs/tmp/client-csr.pem \
-  -subj "/C=US/ST=Utah/L=Provo/O=ACME Tech Inc/CN=${FQDN}"
-
-# Sign the request from Device with your Root CA
-openssl x509 \
-  -req -in certs/tmp/client-csr.pem \
-  -CA certs/ca/my-root-ca.crt.pem \
-  -CAkey certs/ca/my-root-ca.key.pem \
-  -CAcreateserial \
-  -out certs/client-auth/cert.pem \
-  -days 500
-
-# Create a public key, for funzies
-# see https://gist.github.com/coolaj86/f6f36efce2821dfb046d
-openssl rsa \
-  -in certs/server/privkey.pem \
-  -pubout -out certs/client/pubkey.pem
-
-# Put things in their proper place
-rsync -a certs/ca/my-root-ca.crt.pem certs/server/chain.pem
-rsync -a certs/ca/my-root-ca.crt.pem certs/client/chain.pem
-cat certs/server/cert.pem certs/server/chain.pem > certs/server/fullchain.pem

package.json

@@ -1,6 +1,6 @@
 {
   "name": "nodejs-self-signed-certificate-example",
-  "version": "1.1.2",
+  "version": "1.1.1",
   "description": "The end off all your self-sign certificate woes (in node.js at least)",
   "main": "serve.js",
   "scripts": {