forked from root/acme.js
This commit is contained in:
parent
0c3ff85d2f
commit
851d6d4299
|
@ -10,10 +10,14 @@ function resolveFn(cb) {
|
||||||
}
|
}
|
||||||
function rejectFn(cb) {
|
function rejectFn(cb) {
|
||||||
return function (err) {
|
return function (err) {
|
||||||
console.log('reject something or other:');
|
console.error('[acme-v2] handled(?) rejection as errback:');
|
||||||
console.log(err.stack);
|
console.error(err.stack);
|
||||||
|
|
||||||
// nextTick to get out of Promise chain
|
// nextTick to get out of Promise chain
|
||||||
process.nextTick(function () { cb(err); });
|
process.nextTick(function () { cb(err); });
|
||||||
|
|
||||||
|
// do not resolve promise further
|
||||||
|
return new Promise(function () {});
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
89
node.js
89
node.js
|
@ -97,7 +97,7 @@ ACME._getNonce = function (me) {
|
||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
ACME._registerAccount = function (me, options) {
|
ACME._registerAccount = function (me, options) {
|
||||||
if (me.debug) { console.log('[acme-v2] accounts.create'); }
|
if (me.debug) console.debug('[acme-v2] accounts.create');
|
||||||
|
|
||||||
return ACME._getNonce(me).then(function () {
|
return ACME._getNonce(me).then(function () {
|
||||||
return new Promise(function (resolve, reject) {
|
return new Promise(function (resolve, reject) {
|
||||||
|
@ -141,8 +141,8 @@ ACME._registerAccount = function (me, options) {
|
||||||
);
|
);
|
||||||
|
|
||||||
delete jws.header;
|
delete jws.header;
|
||||||
if (me.debug) { console.log('[acme-v2] accounts.create JSON body:'); }
|
if (me.debug) console.debug('[acme-v2] accounts.create JSON body:');
|
||||||
if (me.debug) { console.log(jws); }
|
if (me.debug) console.debug(jws);
|
||||||
me._nonce = null;
|
me._nonce = null;
|
||||||
return me._request({
|
return me._request({
|
||||||
method: 'POST'
|
method: 'POST'
|
||||||
|
@ -152,18 +152,16 @@ ACME._registerAccount = function (me, options) {
|
||||||
}).then(function (resp) {
|
}).then(function (resp) {
|
||||||
me._nonce = resp.toJSON().headers['replay-nonce'];
|
me._nonce = resp.toJSON().headers['replay-nonce'];
|
||||||
var location = resp.toJSON().headers.location;
|
var location = resp.toJSON().headers.location;
|
||||||
if (me.debug) {
|
|
||||||
// the account id url
|
// the account id url
|
||||||
console.log('[DEBUG] new account location:');
|
|
||||||
console.log(location); // the account id url
|
|
||||||
console.log(resp.toJSON());
|
|
||||||
}
|
|
||||||
me._kid = location;
|
me._kid = location;
|
||||||
|
if (me.debug) console.debug('[DEBUG] new account location:');
|
||||||
|
if (me.debug) console.debug(location);
|
||||||
|
if (me.debug) console.debug(resp.toJSON());
|
||||||
return resp.body;
|
return resp.body;
|
||||||
}).then(resolve, reject);
|
}).then(resolve, reject);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (me.debug) { console.log('[acme-v2] agreeToTerms'); }
|
if (me.debug) console.debug('[acme-v2] agreeToTerms');
|
||||||
if (1 === options.agreeToTerms.length) {
|
if (1 === options.agreeToTerms.length) {
|
||||||
return options.agreeToTerms(me._tos).then(agree, reject);
|
return options.agreeToTerms(me._tos).then(agree, reject);
|
||||||
}
|
}
|
||||||
|
@ -201,7 +199,7 @@ ACME._registerAccount = function (me, options) {
|
||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
ACME._getChallenges = function (me, options, auth) {
|
ACME._getChallenges = function (me, options, auth) {
|
||||||
if (me.debug) { console.log('\n[DEBUG] getChallenges\n'); }
|
if (me.debug) console.debug('\n[DEBUG] getChallenges\n');
|
||||||
return me._request({ method: 'GET', url: auth, json: true }).then(function (resp) {
|
return me._request({ method: 'GET', url: auth, json: true }).then(function (resp) {
|
||||||
return resp.body;
|
return resp.body;
|
||||||
});
|
});
|
||||||
|
@ -264,14 +262,14 @@ ACME._postChallenge = function (me, options, identifier, ch) {
|
||||||
, headers: { 'Content-Type': 'application/jose+json' }
|
, headers: { 'Content-Type': 'application/jose+json' }
|
||||||
, json: jws
|
, json: jws
|
||||||
}).then(function (resp) {
|
}).then(function (resp) {
|
||||||
console.log('[acme-v2.js] deactivate:');
|
if (me.debug) console.debug('[acme-v2.js] deactivate:');
|
||||||
console.log(resp.headers);
|
if (me.debug) console.debug(resp.headers);
|
||||||
console.log(resp.body);
|
if (me.debug) console.debug(resp.body);
|
||||||
console.log();
|
if (me.debug) console.debug();
|
||||||
|
|
||||||
me._nonce = resp.toJSON().headers['replay-nonce'];
|
me._nonce = resp.toJSON().headers['replay-nonce'];
|
||||||
if (me.debug) { console.log('deactivate challenge: resp.body:'); }
|
if (me.debug) console.debug('deactivate challenge: resp.body:');
|
||||||
if (me.debug) { console.log(resp.body); }
|
if (me.debug) console.debug(resp.body);
|
||||||
return ACME._wait(10 * 1000);
|
return ACME._wait(10 * 1000);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
@ -283,13 +281,13 @@ ACME._postChallenge = function (me, options, identifier, ch) {
|
||||||
|
|
||||||
count += 1;
|
count += 1;
|
||||||
|
|
||||||
if (me.debug) { console.log('\n[DEBUG] statusChallenge\n'); }
|
if (me.debug) console.debug('\n[DEBUG] statusChallenge\n');
|
||||||
return me._request({ method: 'GET', url: ch.url, json: true }).then(function (resp) {
|
return me._request({ method: 'GET', url: ch.url, json: true }).then(function (resp) {
|
||||||
console.error('poll: resp.body:');
|
console.error('poll: resp.body:');
|
||||||
console.error(resp.body);
|
console.error(resp.body);
|
||||||
|
|
||||||
if ('processing' === resp.body.status) {
|
if ('processing' === resp.body.status) {
|
||||||
if (me.debug) { console.log('poll: again'); }
|
if (me.debug) console.debug('poll: again');
|
||||||
return ACME._wait(1 * 1000).then(pollStatus);
|
return ACME._wait(1 * 1000).then(pollStatus);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -298,12 +296,12 @@ ACME._postChallenge = function (me, options, identifier, ch) {
|
||||||
if (count >= 4) {
|
if (count >= 4) {
|
||||||
return ACME._wait(1 * 1000).then(deactivate).then(testChallenge);
|
return ACME._wait(1 * 1000).then(deactivate).then(testChallenge);
|
||||||
}
|
}
|
||||||
if (me.debug) { console.log('poll: again'); }
|
if (me.debug) console.debug('poll: again');
|
||||||
return ACME._wait(1 * 1000).then(testChallenge);
|
return ACME._wait(1 * 1000).then(testChallenge);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ('valid' === resp.body.status) {
|
if ('valid' === resp.body.status) {
|
||||||
if (me.debug) { console.log('poll: valid'); }
|
if (me.debug) console.debug('poll: valid');
|
||||||
|
|
||||||
try {
|
try {
|
||||||
if (1 === options.removeChallenge.length) {
|
if (1 === options.removeChallenge.length) {
|
||||||
|
@ -345,14 +343,14 @@ ACME._postChallenge = function (me, options, identifier, ch) {
|
||||||
, headers: { 'Content-Type': 'application/jose+json' }
|
, headers: { 'Content-Type': 'application/jose+json' }
|
||||||
, json: jws
|
, json: jws
|
||||||
}).then(function (resp) {
|
}).then(function (resp) {
|
||||||
console.log('[acme-v2.js] challenge accepted!');
|
if (me.debug) console.debug('[acme-v2.js] challenge accepted!');
|
||||||
console.log(resp.headers);
|
if (me.debug) console.debug(resp.headers);
|
||||||
console.log(resp.body);
|
if (me.debug) console.debug(resp.body);
|
||||||
console.log();
|
if (me.debug) console.debug();
|
||||||
|
|
||||||
me._nonce = resp.toJSON().headers['replay-nonce'];
|
me._nonce = resp.toJSON().headers['replay-nonce'];
|
||||||
if (me.debug) { console.log('respond to challenge: resp.body:'); }
|
if (me.debug) console.debug('respond to challenge: resp.body:');
|
||||||
if (me.debug) { console.log(resp.body); }
|
if (me.debug) console.debug(resp.body);
|
||||||
return ACME._wait(1 * 1000).then(pollStatus).then(resolve, reject);
|
return ACME._wait(1 * 1000).then(pollStatus).then(resolve, reject);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
@ -367,8 +365,8 @@ ACME._postChallenge = function (me, options, identifier, ch) {
|
||||||
// http-01: GET https://example.org/.well-known/acme-challenge/{{token}} => {{keyAuth}}
|
// http-01: GET https://example.org/.well-known/acme-challenge/{{token}} => {{keyAuth}}
|
||||||
// dns-01: TXT _acme-challenge.example.org. => "{{urlSafeBase64(sha256(keyAuth))}}"
|
// dns-01: TXT _acme-challenge.example.org. => "{{urlSafeBase64(sha256(keyAuth))}}"
|
||||||
|
|
||||||
if (me.debug) {console.log('\n[DEBUG] postChallenge\n'); }
|
if (me.debug) {console.debug('\n[DEBUG] postChallenge\n'); }
|
||||||
//console.log('\n[DEBUG] stop to fix things\n'); return;
|
//if (me.debug) console.debug('\n[DEBUG] stop to fix things\n'); return;
|
||||||
|
|
||||||
return ACME._wait(1 * 1000).then(function () {
|
return ACME._wait(1 * 1000).then(function () {
|
||||||
if (!me.skipChallengeTest) {
|
if (!me.skipChallengeTest) {
|
||||||
|
@ -391,7 +389,7 @@ ACME._postChallenge = function (me, options, identifier, ch) {
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
ACME._finalizeOrder = function (me, options, validatedDomains) {
|
ACME._finalizeOrder = function (me, options, validatedDomains) {
|
||||||
if (me.debug) { console.log('finalizeOrder:'); }
|
if (me.debug) console.debug('finalizeOrder:');
|
||||||
var csr = me.RSA.generateCsrWeb64(options.domainKeypair, validatedDomains);
|
var csr = me.RSA.generateCsrWeb64(options.domainKeypair, validatedDomains);
|
||||||
var body = { csr: csr };
|
var body = { csr: csr };
|
||||||
var payload = JSON.stringify(body);
|
var payload = JSON.stringify(body);
|
||||||
|
@ -404,7 +402,7 @@ ACME._finalizeOrder = function (me, options, validatedDomains) {
|
||||||
, new Buffer(payload)
|
, new Buffer(payload)
|
||||||
);
|
);
|
||||||
|
|
||||||
if (me.debug) { console.log('finalize:', me._finalize); }
|
if (me.debug) console.debug('finalize:', me._finalize);
|
||||||
me._nonce = null;
|
me._nonce = null;
|
||||||
return me._request({
|
return me._request({
|
||||||
method: 'POST'
|
method: 'POST'
|
||||||
|
@ -414,8 +412,8 @@ ACME._finalizeOrder = function (me, options, validatedDomains) {
|
||||||
}).then(function (resp) {
|
}).then(function (resp) {
|
||||||
me._nonce = resp.toJSON().headers['replay-nonce'];
|
me._nonce = resp.toJSON().headers['replay-nonce'];
|
||||||
|
|
||||||
if (me.debug) { console.log('order finalized: resp.body:'); }
|
if (me.debug) console.debug('order finalized: resp.body:');
|
||||||
if (me.debug) { console.log(resp.body); }
|
if (me.debug) console.debug(resp.body);
|
||||||
|
|
||||||
if ('processing' === resp.body.status) {
|
if ('processing' === resp.body.status) {
|
||||||
return ACME._wait().then(pollCert);
|
return ACME._wait().then(pollCert);
|
||||||
|
@ -441,7 +439,7 @@ ACME._finalizeOrder = function (me, options, validatedDomains) {
|
||||||
return pollCert();
|
return pollCert();
|
||||||
};
|
};
|
||||||
ACME._getCertificate = function (me, options) {
|
ACME._getCertificate = function (me, options) {
|
||||||
if (me.debug) { console.log('[acme-v2] DEBUG get cert 1'); }
|
if (me.debug) console.debug('[acme-v2] DEBUG get cert 1');
|
||||||
|
|
||||||
if (!options.challengeTypes) {
|
if (!options.challengeTypes) {
|
||||||
if (!options.challengeType) {
|
if (!options.challengeType) {
|
||||||
|
@ -461,7 +459,7 @@ ACME._getCertificate = function (me, options) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (me.debug) { console.log('[acme-v2] certificates.create'); }
|
if (me.debug) console.debug('[acme-v2] certificates.create');
|
||||||
return ACME._getNonce(me).then(function () {
|
return ACME._getNonce(me).then(function () {
|
||||||
var body = {
|
var body = {
|
||||||
identifiers: options.domains.map(function (hostname) {
|
identifiers: options.domains.map(function (hostname) {
|
||||||
|
@ -479,7 +477,7 @@ ACME._getCertificate = function (me, options) {
|
||||||
, new Buffer(payload)
|
, new Buffer(payload)
|
||||||
);
|
);
|
||||||
|
|
||||||
if (me.debug) { console.log('\n[DEBUG] newOrder\n'); }
|
if (me.debug) console.debug('\n[DEBUG] newOrder\n');
|
||||||
me._nonce = null;
|
me._nonce = null;
|
||||||
return me._request({
|
return me._request({
|
||||||
method: 'POST'
|
method: 'POST'
|
||||||
|
@ -490,21 +488,19 @@ ACME._getCertificate = function (me, options) {
|
||||||
me._nonce = resp.toJSON().headers['replay-nonce'];
|
me._nonce = resp.toJSON().headers['replay-nonce'];
|
||||||
var location = resp.toJSON().headers.location;
|
var location = resp.toJSON().headers.location;
|
||||||
var auths;
|
var auths;
|
||||||
if (me.debug) {
|
if (me.debug) console.debug(location); // the account id url
|
||||||
console.log(location); // the account id url
|
if (me.debug) console.debug(resp.toJSON());
|
||||||
console.log(resp.toJSON());
|
|
||||||
}
|
|
||||||
me._authorizations = resp.body.authorizations;
|
me._authorizations = resp.body.authorizations;
|
||||||
me._order = location;
|
me._order = location;
|
||||||
me._finalize = resp.body.finalize;
|
me._finalize = resp.body.finalize;
|
||||||
//console.log('[DEBUG] finalize:', me._finalize); return;
|
//if (me.debug) console.debug('[DEBUG] finalize:', me._finalize); return;
|
||||||
|
|
||||||
if (!me._authorizations) {
|
if (!me._authorizations) {
|
||||||
console.error("[acme-v2.js] authorizations were not fetched:");
|
console.error("[acme-v2.js] authorizations were not fetched:");
|
||||||
console.error(resp.body);
|
console.error(resp.body);
|
||||||
return Promise.reject(new Error("authorizations were not fetched"));
|
return Promise.reject(new Error("authorizations were not fetched"));
|
||||||
}
|
}
|
||||||
if (me.debug) { console.log("47 &#&#&#&#&#&#&&##&#&#&#&#&#&#&#&"); }
|
if (me.debug) console.debug("47 &#&#&#&#&#&#&&##&#&#&#&#&#&#&#&");
|
||||||
|
|
||||||
//return resp.body;
|
//return resp.body;
|
||||||
auths = me._authorizations.slice(0);
|
auths = me._authorizations.slice(0);
|
||||||
|
@ -538,17 +534,17 @@ ACME._getCertificate = function (me, options) {
|
||||||
}
|
}
|
||||||
|
|
||||||
return next().then(function () {
|
return next().then(function () {
|
||||||
if (me.debug) { console.log("37 &#&#&#&#&#&#&&##&#&#&#&#&#&#&#&"); }
|
if (me.debug) console.debug("37 &#&#&#&#&#&#&&##&#&#&#&#&#&#&#&");
|
||||||
var validatedDomains = body.identifiers.map(function (ident) {
|
var validatedDomains = body.identifiers.map(function (ident) {
|
||||||
return ident.value;
|
return ident.value;
|
||||||
});
|
});
|
||||||
|
|
||||||
return ACME._finalizeOrder(me, options, validatedDomains);
|
return ACME._finalizeOrder(me, options, validatedDomains);
|
||||||
}).then(function () {
|
}).then(function () {
|
||||||
console.log('acme-v2: order was finalized');
|
if (me.debug) console.debug('acme-v2: order was finalized');
|
||||||
return me._request({ method: 'GET', url: me._certificate, json: true }).then(function (resp) {
|
return me._request({ method: 'GET', url: me._certificate, json: true }).then(function (resp) {
|
||||||
console.log('acme-v2: csr submitted and cert received:');
|
if (me.debug) console.debug('acme-v2: csr submitted and cert received:');
|
||||||
console.log(resp.body);
|
if (me.debug) console.debug(resp.body);
|
||||||
return resp.body;
|
return resp.body;
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
@ -558,8 +554,7 @@ ACME._getCertificate = function (me, options) {
|
||||||
|
|
||||||
ACME.create = function create(me) {
|
ACME.create = function create(me) {
|
||||||
if (!me) { me = {}; }
|
if (!me) { me = {}; }
|
||||||
//
|
// me.debug = true;
|
||||||
me.debug = true;
|
|
||||||
me.challengePrefixes = ACME.challengePrefixes;
|
me.challengePrefixes = ACME.challengePrefixes;
|
||||||
me.RSA = me.RSA || require('rsa-compat').RSA;
|
me.RSA = me.RSA || require('rsa-compat').RSA;
|
||||||
me.request = me.request || require('request');
|
me.request = me.request || require('request');
|
||||||
|
|
13
package.json
13
package.json
|
@ -1,7 +1,7 @@
|
||||||
{
|
{
|
||||||
"name": "acme-v2",
|
"name": "acme-v2",
|
||||||
"version": "0.9.0",
|
"version": "1.0.0",
|
||||||
"description": "A framework for building letsencrypt clients (and other ACME v2 clients), forked from le-acme-core.js.",
|
"description": "Free SSL. A framework for building Let's Encrypt v2 clients, and other ACME v2 (draft 11) clients. Successor to le-acme-core.js",
|
||||||
"homepage": "https://git.coolaj86.com/coolaj86/acme-v2.js",
|
"homepage": "https://git.coolaj86.com/coolaj86/acme-v2.js",
|
||||||
"main": "node.js",
|
"main": "node.js",
|
||||||
"scripts": {
|
"scripts": {
|
||||||
|
@ -13,16 +13,25 @@
|
||||||
},
|
},
|
||||||
"keywords": [
|
"keywords": [
|
||||||
"acmev2",
|
"acmev2",
|
||||||
|
"acmev02",
|
||||||
"acme-v2",
|
"acme-v2",
|
||||||
|
"acme-v02",
|
||||||
"acme",
|
"acme",
|
||||||
"acme2",
|
"acme2",
|
||||||
|
"acme11",
|
||||||
|
"acme-draft11",
|
||||||
|
"acme-draft-11",
|
||||||
|
"draft",
|
||||||
|
"11",
|
||||||
"ssl",
|
"ssl",
|
||||||
"tls",
|
"tls",
|
||||||
"https",
|
"https",
|
||||||
"Let's Encrypt",
|
"Let's Encrypt",
|
||||||
"letsencrypt",
|
"letsencrypt",
|
||||||
"letsencrypt-v2",
|
"letsencrypt-v2",
|
||||||
|
"letsencrypt-v02",
|
||||||
"letsencryptv2",
|
"letsencryptv2",
|
||||||
|
"letsencryptv02",
|
||||||
"letsencrypt2",
|
"letsencrypt2",
|
||||||
"greenlock",
|
"greenlock",
|
||||||
"greenlock2"
|
"greenlock2"
|
||||||
|
|
Loading…
Reference in New Issue