acme.js/README.md

acme-v2.js
==========

| Sponsored by [ppl](https://ppl.family)

A framework for building letsencrypt clients (and other ACME v2 clients), forked from `le-acme-core.js`.

Summary of spec that I'm working off of here: https://git.coolaj86.com/coolaj86/greenlock.js/issues/5#issuecomment-8

In progress

* Mar 15, 2018 - get directory
* Mar 15, 2018 - get nonce
* Mar 15, 2018 - generate account keypair
* Mar 15, 2018 - create account
* Mar 16, 2018 - new order
* Mar 16, 2018 - get challenges
* Mar 20, 2018 - respond to challenges
* Mar 20, 2018 - generate domain keypair
* Mar 20, 2018 - finalize order (submit csr)
* Mar 20, 2018 - poll for status
* Mar 20, 2018 - download certificate
* Mar 20, 2018 - SUCCESS - got a test certificate (hard-coded)
* Mar 21, 2018 - can now accept values (not hard coded)
* Mar 21, 2018 - *mostly* matches le-acme-core.js API

Todo

* completely match api for acme v1 (le-acme-core.js)
* test http and dns challenges
* export http and dns challenge tests
* support ECDSA keys

## API

```
var ACME = require('acme-v2.js').ACME.create({
  RSA: require('rsa-compat').RSA
});
```

```javascript
// Accounts
ACME.registerNewAccount(options, cb)        // returns "regr" registration data

    { email: '<email>'                        //    valid email (server checks MX records)
    , accountKeypair: {                       //    privateKeyPem or privateKeyJwt
        privateKeyPem: '<ASCII PEM>'
      }
    , agreeToTerms: fn (tosUrl, cb) {}        //    must specify agree=tosUrl to continue (or falsey to end)
    }

// Registration
ACME.getCertificate(options, cb)            // returns (err, pems={ privkey (key), cert, chain (ca) })

    { newAuthzUrl: '<url>'                    //    specify acmeUrls.newAuthz
    , newCertUrl: '<url>'                     //    specify acmeUrls.newCert

    , domainKeypair: {
        privateKeyPem: '<ASCII PEM>'
      }
    , accountKeypair: {
        privateKeyPem: '<ASCII PEM>'
      }
    , domains: [ 'example.com' ]

    , setChallenge: fn (hostname, key, val, cb)
    , removeChallenge: fn (hostname, key, cb)
    }

// Discovery URLs
ACME.getAcmeUrls(acmeDiscoveryUrl, cb)      // returns (err, acmeUrls={newReg,newAuthz,newCert,revokeCert})
```

Helpers & Stuff

```javascript
// Constants
ACME.productionServerUrl                // https://acme-v02.api.letsencrypt.org/directory
ACME.stagingServerUrl                   // https://acme-staging-v02.api.letsencrypt.org/directory
ACME.acmeChallengePrefix                // /.well-known/acme-challenge/
```
initial commit 2018-03-15 06:41:00 +00:00			`acme-v2.js`
			`==========`

note sponsorship 2018-03-21 07:35:28 +00:00			`\| Sponsored by [ppl](https://ppl.family)`

initial commit 2018-03-15 06:41:00 +00:00			A framework for building letsencrypt clients (and other ACME v2 clients), forked from `le-acme-core.js`.

add note on spec, junk version 2018-03-15 06:43:41 +00:00			`Summary of spec that I'm working off of here: https://git.coolaj86.com/coolaj86/greenlock.js/issues/5#issuecomment-8`

initial commit 2018-03-15 06:41:00 +00:00			`In progress`

successful test! yay! 2018-03-20 07:24:36 +00:00			`* Mar 15, 2018 - get directory`
			`* Mar 15, 2018 - get nonce`
			`* Mar 15, 2018 - generate account keypair`
			`* Mar 15, 2018 - create account`
			`* Mar 16, 2018 - new order`
			`* Mar 16, 2018 - get challenges`
			`* Mar 20, 2018 - respond to challenges`
			`* Mar 20, 2018 - generate domain keypair`
			`* Mar 20, 2018 - finalize order (submit csr)`
			`* Mar 20, 2018 - poll for status`
			`* Mar 20, 2018 - download certificate`
			`* Mar 20, 2018 - SUCCESS - got a test certificate (hard-coded)`
not hard-coded, almost backwards compatible 2018-03-21 07:26:23 +00:00			`* Mar 21, 2018 - can now accept values (not hard coded)`
			`* Mar 21, 2018 - mostly matches le-acme-core.js API`
hard code more test functionality 2018-03-16 06:59:40 +00:00
successful test! yay! 2018-03-20 07:24:36 +00:00			`Todo`

not hard-coded, almost backwards compatible 2018-03-21 07:26:23 +00:00			`* completely match api for acme v1 (le-acme-core.js)`
			`* test http and dns challenges`
			`* export http and dns challenge tests`
			`* support ECDSA keys`

			`## API`

			```
			`var ACME = require('acme-v2.js').ACME.create({`
			`RSA: require('rsa-compat').RSA`
			`});`
			```

			```javascript
			`// Accounts`
			`ACME.registerNewAccount(options, cb) // returns "regr" registration data`

			`{ email: '<email>' // valid email (server checks MX records)`
			`, accountKeypair: { // privateKeyPem or privateKeyJwt`
			`privateKeyPem: '<ASCII PEM>'`
			`}`
			`, agreeToTerms: fn (tosUrl, cb) {} // must specify agree=tosUrl to continue (or falsey to end)`
			`}`

			`// Registration`
			`ACME.getCertificate(options, cb) // returns (err, pems={ privkey (key), cert, chain (ca) })`

			`{ newAuthzUrl: '<url>' // specify acmeUrls.newAuthz`
			`, newCertUrl: '<url>' // specify acmeUrls.newCert`

			`, domainKeypair: {`
			`privateKeyPem: '<ASCII PEM>'`
			`}`
			`, accountKeypair: {`
			`privateKeyPem: '<ASCII PEM>'`
			`}`
			`, domains: [ 'example.com' ]`

			`, setChallenge: fn (hostname, key, val, cb)`
			`, removeChallenge: fn (hostname, key, cb)`
			`}`

			`// Discovery URLs`
			`ACME.getAcmeUrls(acmeDiscoveryUrl, cb) // returns (err, acmeUrls={newReg,newAuthz,newCert,revokeCert})`
			```

			`Helpers & Stuff`

			```javascript
			`// Constants`
			`ACME.productionServerUrl // https://acme-v02.api.letsencrypt.org/directory`
			`ACME.stagingServerUrl // https://acme-staging-v02.api.letsencrypt.org/directory`
			`ACME.acmeChallengePrefix // /.well-known/acme-challenge/`
			```