update to letsencrypt-express v2.x
This commit is contained in:
		
							parent
							
								
									f8a8f91e33
								
							
						
					
					
						commit
						d18bf7f3c5
					
				
							
								
								
									
										42
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										42
									
								
								README.md
									
									
									
									
									
								
							| @ -1,8 +1,9 @@ | ||||
| [](https://gitter.im/Daplie/letsencrypt-express?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) | ||||
| 
 | ||||
| | [letsencrypt (library)](https://github.com/Daplie/node-letsencrypt) | ||||
| | [letsencrypt (lib)](https://github.com/Daplie/node-letsencrypt) | ||||
| | [letsencrypt-cli](https://github.com/Daplie/letsencrypt-cli)  | ||||
| | [letsencrypt-express](https://github.com/Daplie/letsencrypt-express) | ||||
| | [letsencrypt-cluster](https://github.com/Daplie/letsencrypt-cluster) | ||||
| | [letsencrypt-koa](https://github.com/Daplie/letsencrypt-koa) | ||||
| | **letsencrypt-hapi** | ||||
| | | ||||
| @ -22,7 +23,7 @@ All you have to do is start the webserver and then visit it at it's domain name. | ||||
| ## Install | ||||
| 
 | ||||
| ``` | ||||
| npm install --save letsencrypt-express@1.x | ||||
| npm install --save letsencrypt-express@2.x | ||||
| ``` | ||||
| 
 | ||||
| *Pay no attention to the man behind the curtain.* (just ignore that the name of the module is letsencrypt-express) | ||||
| @ -32,21 +33,24 @@ npm install --save letsencrypt-express@1.x | ||||
| ```javascript | ||||
| 'use strict'; | ||||
| 
 | ||||
| var LEX = require('letsencrypt-express').testing(); | ||||
| var le = require('letsencrypt-express').create({ | ||||
|   server: 'staging' // in production use https://acme-v01.api.letsencrypt.org/directory | ||||
|    | ||||
| var lex = LEX.create({ | ||||
|   configDir: require('os').homedir() + '/letsencrypt/etc' | ||||
| , approveRegistration: function (hostname, cb) { | ||||
|     cb(null, { | ||||
|       domains: [hostname] | ||||
|     , email: 'CHANGE_ME' // user@example.com | ||||
|     , agreeTos: true | ||||
|     }); | ||||
| , configDir: require('os').homedir() + '/letsencrypt/etc' | ||||
|    | ||||
| , approveDomains: function (opts, certs, cb) { | ||||
|     opts.domains = certs && certs.altnames || opts.domains; | ||||
|     opts.email = 'john.doe@example.com' // CHANGE ME | ||||
|     opts.agreeTos = true; | ||||
|      | ||||
|     cb(null, { options: opts, certs: certs }); | ||||
|   } | ||||
|    | ||||
|  , debug: true | ||||
| }); | ||||
| ``` | ||||
| 
 | ||||
| WARNING: If you don't do any checks and simply complete `approveRegistration` callback, | ||||
| WARNING: If you don't do any checks and simply complete `approveDomains` callback, | ||||
| an attacker will spoof SNI packets with bad hostnames and that will cause you to be rate-limited | ||||
| and/or blocked from the ACME server. | ||||
| Alternatively, You can run registration *manually*: | ||||
| @ -55,6 +59,7 @@ Alternatively, You can run registration *manually*: | ||||
| npm install -g letsencrypt-cli | ||||
| 
 | ||||
| letsencrypt certonly --standalone \ | ||||
|   --server 'https://acme-v01.api.letsencrypt.org/directory' \ | ||||
|   --config-dir ~/letsencrypt/etc \ | ||||
|   --agree-tos --domains example.com --email user@example.com | ||||
| 
 | ||||
| @ -67,8 +72,8 @@ letsencrypt certonly --standalone \ | ||||
| var hapi = require('hapi'); | ||||
| var https = require('spdy'); | ||||
| var server = new hapi.Server(); | ||||
| var acmeResponder = LEX.createAcmeResponder(lex); | ||||
| var httpsServer = https.createServer(lex.httpsOptions).listen(443); | ||||
| var acmeResponder = le.middleware(); | ||||
| var httpsServer = https.createServer(le.httpsOptions).listen(443); | ||||
| 
 | ||||
| server.connection({ listener: httpsServer, autoListen: false, tls: true }); | ||||
| 
 | ||||
| @ -97,10 +102,9 @@ server.route({ | ||||
| 
 | ||||
| ```javascript | ||||
| var http = require('http'); | ||||
| var redirectHttps = require('redirect-https')(); | ||||
| 
 | ||||
| http.createServer(LEX.createAcmeResponder(lex, function redirectHttps(req, res) { | ||||
|   res.setHeader('Location', 'https://' + req.headers.host + req.url); | ||||
|   res.statusCode = 302; | ||||
|   res.end('<!-- Hello Developer Person! Please use HTTPS instead -->'); | ||||
| })).listen(80); | ||||
| http.createServer(le.middleware(redirectHttps)).listen(80, function () { | ||||
|   console.log('handle ACME http-01 challenge and redirect to https'); | ||||
| }); | ||||
| ``` | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user