forked from root/acme.js
email -> subscriberEmail
This commit is contained in:
parent
2b0fce0869
commit
080497bf4c
25
README.md
25
README.md
|
@ -77,6 +77,24 @@ var ACME = window.ACME;
|
|||
|
||||
You can see `tests/index.js`, `examples/index.html`, `examples/app.js` in the repo for full example usage.
|
||||
|
||||
### Emails: Maintainer vs Subscriber vs Customer
|
||||
|
||||
- `maintainerEmail` should be the email address of the **author of the code**.
|
||||
This person will receive critical security and API change notifications.
|
||||
- `subscriberEmail` should be the email of the **admin of the hosting service**.
|
||||
This person agrees to the Let's Encrypt Terms of Service and will be notified
|
||||
when a certificate fails to renew.
|
||||
- `customerEmail` should be the email of individual who owns the domain.
|
||||
This is optional (not currently implemented).
|
||||
|
||||
Generally speaking **YOU** are the _maintainer_ and you **or your employer** is the _subscriber_.
|
||||
|
||||
If you (or your employer) is running any type of service
|
||||
you **SHOULD NOT** pass the _customer_ email as the subscriber email.
|
||||
|
||||
If you are not running a service (you may be building a CLI, for example),
|
||||
then you should prompt the user for their email address, and they are the subscriber.
|
||||
|
||||
### Instantiate ACME.js
|
||||
|
||||
Although built for Let's Encrypt, ACME.js will work with any server
|
||||
|
@ -85,7 +103,9 @@ that supports draft-15 of the ACME spec (includes POST-as-GET support).
|
|||
The `init()` method takes a _directory url_ and initializes internal state according to its response.
|
||||
|
||||
```js
|
||||
var acme = ACME.create({});
|
||||
var acme = ACME.create({
|
||||
maintainerEmail: 'jon@example.com'
|
||||
});
|
||||
acme.init('https://acme-staging-v02.api.letsencrypt.org/directory').then(
|
||||
function() {
|
||||
// Ready to use, show page
|
||||
|
@ -119,7 +139,7 @@ Keypairs.generate({ kty: 'EC' }).then(function(pair) {
|
|||
}
|
||||
},
|
||||
accountKeypair: { privateKeyJwk: pair.private },
|
||||
email: $('.js-email-input').value
|
||||
subscriberEmail: $('.js-email-input').value
|
||||
})
|
||||
.then(function(_account) {
|
||||
account = _account;
|
||||
|
@ -151,6 +171,7 @@ Keypairs.generate({ kty: 'EC' }).then(function(pair) {
|
|||
serverKeypair: { privateKeyJwk: serverPrivateKey },
|
||||
domains: ['example.com', 'www.example.com'],
|
||||
challenges: challenges, // must be implemented
|
||||
customerEmail: null,
|
||||
skipDryRun: true
|
||||
})
|
||||
.then(function(results) {
|
||||
|
|
|
@ -165,8 +165,11 @@ ACME._registerAccount = function(me, options) {
|
|||
var contact;
|
||||
if (options.contact) {
|
||||
contact = options.contact.slice(0);
|
||||
} else if (options.email) {
|
||||
contact = ['mailto:' + options.email];
|
||||
} else if (options.subscriberEmail || options.email) {
|
||||
contact = [
|
||||
'mailto:' +
|
||||
(options.subscriberEmail || options.email)
|
||||
];
|
||||
}
|
||||
var accountRequest = {
|
||||
termsOfServiceAgreed: tosUrl === me._tos,
|
||||
|
|
|
@ -90,7 +90,7 @@ async function happyPath(accKty, srvKty, rnd) {
|
|||
agreeToTerms: agree,
|
||||
// TODO detect jwk/pem/der?
|
||||
accountKeypair: { privateKeyJwk: accountKeypair.private },
|
||||
email: config.email
|
||||
subscriberEmail: config.email
|
||||
});
|
||||
// TODO top-level agree
|
||||
function agree(tos) {
|
||||
|
@ -143,6 +143,7 @@ async function happyPath(accKty, srvKty, rnd) {
|
|||
serverKeypair: { privateKeyJwk: serverKeypair.private },
|
||||
domains: domains,
|
||||
challenges: challenges, // must be implemented
|
||||
customerEmail: null,
|
||||
skipDryRun: true
|
||||
});
|
||||
|
||||
|
|
Loading…
Reference in New Issue