acme-http-01-cli.js/README.md

94 lines
2.5 KiB
Markdown

# [greenlock-challenge-http](https://git.coolaj86.com/coolaj86/greenlock-challenge-http.js)
| A [Root](https://rootprojects.org) Project |
An extremely simple reference implementation
of an ACME (Let's Encrypt) http-01 challenge strategy
for [Greenlock](https://git.coolaj86.com/coolaj86/greenlock-express.js) v2.7+ (and v3).
```
GET http://example.com/.well-known/acme-challenge/xxxxxxxxxxxxxxxx
```
* Prints the ACME challenge URL and Key Authorization to the terminal
* (waits for you to hit enter before continuing)
* Asks you to enter (or upload) the Key Authorization challenge response.
* Let's you know when the challenge as succeeded or failed, and is safe to remove.
Other ACME Challenge Reference Implementations:
* [greenlock-challenge-manual](https://git.coolaj86.com/coolaj86/greenlock-challenge-manual.js.git)
* [**greenlock-challenge-http**](https://git.coolaj86.com/coolaj86/greenlock-challenge-http.js.git)
* [greenlock-challenge-dns](https://git.coolaj86.com/coolaj86/greenlock-challenge-dns.js.git)
Install
-------
```bash
npm install --save greenlock-challenge-http@3.x
```
Usage
-----
```bash
var Greenlock = require('greenlock');
Greenlock.create({
...
, challenges: { 'http-01': require('greenlock-challenge-http').create({ debug: true })
, 'dns-01': require('greenlock-challenge-dns')
, 'tls-alpn-01': require('greenlock-challenge-manual')
}
...
});
```
Note: If you request a certificate with 6 domains listed,
it will require 6 individual challenges.
Exposed (Promise) Methods
---------------
For ACME Challenge:
* `set(opts)`
* `remove(opts)`
The `http-01` strategy does not support wildcard domains (whereas `dns-01` does).
The options will look like this (which you can see when `debug: true` is set):
```js
{ challenge: {
type: 'http-01'
, identifier: { type: 'dns', value: 'example.com' }
, wildcard: false
, expires: '2012-01-01T12:00:00.000Z'
, token: 'abc123'
, thumbprint: '<<account key thumbprint>>'
, keyAuthorization: 'abc123.xxxx'
, dnsHost: '_acme-challenge.example.com'
, dnsAuthorization: 'yyyy'
, altname: 'example.com'
}
}
```
Optional:
* `get(limitedOpts)`
Because the get method is apart from the main flow (such as a DNS query),
it's not always implemented and the options are much more limited in scope:
```js
{ challenge: {
type: 'http-01'
, identifier: { type: 'dns', value: 'example.com' }
, wildcard: false
, token: 'abc123'
, altname: 'example.com'
}
}
```