root
/
acme.js
mirror of https://github.com/therootcompany/acme.js
2
0
Fork 1
Code Issues 8 Releases Wiki Activity

update docs

This commit is contained in:
AJ ONeal 2019-10-22 20:02:30 -06:00
parent b1046222dc
commit 7e6a66c1d8
1 changed files with 40 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
README.md
View File

@ -126,6 +126,19 @@ you **SHOULD NOT** pass the _customer_ email as the subscriber email.
If you are not running a service (you may be building a CLI, for example), If you are not running a service (you may be building a CLI, for example),
then you should prompt the user for their email address, and they are the subscriber. then you should prompt the user for their email address, and they are the subscriber.
### Overview
1. Create an instance of ACME.js
2. Create and SAVE a Subscriber Account private key
3. Retrieve the Let's Encrypt Subscriber account (with the key)
- the account will be created if it doesn't exist
4. Create a Server Key
- this should be per-server, or perhaps per-end-user
5. Create a Certificate Signing Request
- International Domain Names must be converted with `punycode`
6. Create an ACME Order
- use a challenge plugin for HTTP-01 or DNS-01 challenges
### Instantiate ACME.js ### Instantiate ACME.js
Although built for Let's Encrypt, ACME.js will work with any server Although built for Let's Encrypt, ACME.js will work with any server
@ -200,6 +213,7 @@ var CSR = require('@root/csr');
var Enc = require('@root/encoding'); var Enc = require('@root/encoding');
// 'subject' should be first in list // 'subject' should be first in list
// the domains may be in any order, but it should be consistent
var sortedDomains = ['example.com', 'www.example.com']; var sortedDomains = ['example.com', 'www.example.com'];
var csr = await CSR.csr({ var csr = await CSR.csr({
jwk: certKeypair.private, jwk: certKeypair.private,
@ -258,7 +272,9 @@ var challenges = {
console.info(opts.keyAuthorization); console.info(opts.keyAuthorization);
while ( while (
!window.confirm('Upload the challenge file before continuing.') !window.confirm('Upload the challenge file before continuing.')
) {} ) {
// spin and wait for the user to upload the challenge file
}
return Promise.resolve(); return Promise.resolve();
}, },
remove: function(opts) { remove: function(opts) {
@ -269,6 +285,29 @@ var challenges = {
}; };
``` ```
Many challenge plugins are already available for popular platforms.
Search `acme-http-01-` or `acme-dns-01-` on npm to find more.
- [x] DNS-01 Challenges
- CloudFlare
- [Digital Ocean](https://git.rootprojects.org/root/acme-dns-01-digitalocean.js)
- [DNSimple](https://git.rootprojects.org/root/acme-dns-01-dnsimple.js)
- [DuckDNS](https://git.rootprojects.org/root/acme-dns-01-duckdns.js)
- [GoDaddy](https://git.rootprojects.org/root/acme-dns-01-godaddy.js)
- [Gandi](https://git.rootprojects.org/root/acme-dns-01-gandi.js)
- [NameCheap](https://git.rootprojects.org/root/acme-dns-01-namecheap.js)
- [Name.com](https://git.rootprojects.org/root/acme-dns-01-namedotcom.js)
- Route53 (AWS)
- [Vultr](https://git.rootprojects.org/root/acme-dns-01-vultr.js)
- Build your own
- [x] HTTP-01 Challenges
- [In-Memory](https://git.rootprojects.org/root/acme-http-01-standalone.js) (Standalone)
- [FileSystem](https://git.rootprojects.org/root/acme-http-01-webroot.js) (WebRoot)
- S3 (AWS, Digital Ocean, etc)
- [x] TLS-ALPN-01 Challenges
- Contact us to learn about Greenlock Pro
# IDN - International Domain Names # IDN - International Domain Names
Convert domain names to `punycode` before creating the certificate: Convert domain names to `punycode` before creating the certificate: