7.3.3

fix(SmartAcme): Remove duplicate challengeHandlers declaration from SmartAcme class
7.3.2
2025-05-05 17:29:17 +00:00 · 2025-05-05 17:29:16 +00:00 · 2025-05-05 14:39:23 +00:00 · 2025-05-05 14:39:23 +00:00 · 2025-05-05 14:06:23 +00:00 · 2025-05-05 14:06:23 +00:00
48 changed files with 12574 additions and 3243 deletions
--- a/.gitea/workflows/default_nottags.yaml
+++ b/.gitea/workflows/default_nottags.yaml
@ -0,0 +1,66 @@
 name: Default (not tags)
 on:
  push:
    tags-ignore:
      - '**'
 env:
  IMAGE: code.foss.global/host.today/ht-docker-node:npmci
  NPMCI_COMPUTED_REPOURL: https://${{gitea.repository_owner}}:${{secrets.GITEA_TOKEN}}@/${{gitea.repository}}.git
  NPMCI_TOKEN_NPM: ${{secrets.NPMCI_TOKEN_NPM}}
  NPMCI_TOKEN_NPM2: ${{secrets.NPMCI_TOKEN_NPM2}}
  NPMCI_GIT_GITHUBTOKEN: ${{secrets.NPMCI_GIT_GITHUBTOKEN}}
  NPMCI_URL_CLOUDLY: ${{secrets.NPMCI_URL_CLOUDLY}}
 jobs:
  security:
    runs-on: ubuntu-latest
    continue-on-error: true
    container:
      image: ${{ env.IMAGE }}
    steps:
      - uses: actions/checkout@v3
      - name: Install pnpm and npmci
        run: |
          pnpm install -g pnpm
          pnpm install -g @ship.zone/npmci
      - name: Run npm prepare
        run: npmci npm prepare
      - name: Audit production dependencies
        run: |
          npmci command npm config set registry https://registry.npmjs.org
          npmci command pnpm audit --audit-level=high --prod
        continue-on-error: true
      - name: Audit development dependencies
        run: |
          npmci command npm config set registry https://registry.npmjs.org
          npmci command pnpm audit --audit-level=high --dev
        continue-on-error: true
  test:
    if: ${{ always() }}
    needs: security
    runs-on: ubuntu-latest
    container:
      image: ${{ env.IMAGE }}
    steps:
      - uses: actions/checkout@v3
      - name: Test stable
        run: |
          npmci node install stable
          npmci npm install
          npmci npm test
      - name: Test build
        run: |
          npmci node install stable
          npmci npm install
          npmci npm build
--- a/.gitea/workflows/default_tags.yaml
+++ b/.gitea/workflows/default_tags.yaml
@ -0,0 +1,124 @@
 name: Default (tags)
 on:
  push:
    tags:
      - '*'
 env:
  IMAGE: code.foss.global/host.today/ht-docker-node:npmci
  NPMCI_COMPUTED_REPOURL: https://${{gitea.repository_owner}}:${{secrets.GITEA_TOKEN}}@/${{gitea.repository}}.git
  NPMCI_TOKEN_NPM: ${{secrets.NPMCI_TOKEN_NPM}}
  NPMCI_TOKEN_NPM2: ${{secrets.NPMCI_TOKEN_NPM2}}
  NPMCI_GIT_GITHUBTOKEN: ${{secrets.NPMCI_GIT_GITHUBTOKEN}}
  NPMCI_URL_CLOUDLY: ${{secrets.NPMCI_URL_CLOUDLY}}
 jobs:
  security:
    runs-on: ubuntu-latest
    continue-on-error: true
    container:
      image: ${{ env.IMAGE }}
    steps:
      - uses: actions/checkout@v3
      - name: Prepare
        run: |
          pnpm install -g pnpm
          pnpm install -g @ship.zone/npmci
          npmci npm prepare
      - name: Audit production dependencies
        run: |
          npmci command npm config set registry https://registry.npmjs.org
          npmci command pnpm audit --audit-level=high --prod
        continue-on-error: true
      - name: Audit development dependencies
        run: |
          npmci command npm config set registry https://registry.npmjs.org
          npmci command pnpm audit --audit-level=high --dev
        continue-on-error: true
  test:
    if: ${{ always() }}
    needs: security
    runs-on: ubuntu-latest
    container:
      image: ${{ env.IMAGE }}
    steps:
      - uses: actions/checkout@v3
      - name: Prepare
        run: |
          pnpm install -g pnpm
          pnpm install -g @ship.zone/npmci
          npmci npm prepare
      - name: Test stable
        run: |
          npmci node install stable
          npmci npm install
          npmci npm test
      - name: Test build
        run: |
          npmci node install stable
          npmci npm install
          npmci npm build
  release:
    needs: test
    if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
    runs-on: ubuntu-latest
    container:
      image: ${{ env.IMAGE }}
    steps:
      - uses: actions/checkout@v3
      - name: Prepare
        run: |
          pnpm install -g pnpm
          pnpm install -g @ship.zone/npmci
          npmci npm prepare
      - name: Release
        run: |
          npmci node install stable
          npmci npm publish
  metadata:
    needs: test
    if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')
    runs-on: ubuntu-latest
    container:
      image: ${{ env.IMAGE }}
    continue-on-error: true
    steps:
      - uses: actions/checkout@v3
      - name: Prepare
        run: |
          pnpm install -g pnpm
          pnpm install -g @ship.zone/npmci
          npmci npm prepare
      - name: Code quality
        run: |
          npmci command npm install -g typescript
          npmci npm install
      - name: Trigger
        run: npmci trigger
      - name: Build docs and upload artifacts
        run: |
          npmci node install stable
          npmci npm install
          pnpm install -g @git.zone/tsdoc
          npmci command tsdoc
        continue-on-error: true
--- a/.gitignore
+++ b/.gitignore
@ -1,5 +1,19 @@
-node_modules/
+.nogit/
 # artifacts
 coverage/
 public/
-pages/
+
-.nogit/
+# installs
 node_modules/
 # caches
 .yarn/
 .cache/
 .rpt2_cache
 # builds
 dist/
 dist_*/
 #------# custom
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -1,150 +0,0 @@
 # gitzone standard
 image: hosttoday/ht-docker-node:npmci
 cache:
  paths:
  - .npmci_cache/
  key: "$CI_BUILD_STAGE"
 stages:
 - security
 - test
 - release
 - metadata
 # ====================
 # security stage
 # ====================
 mirror:
  stage: security
  script:
  - npmci git mirror
  tags:
  - docker
  - notpriv
 snyk:
  stage: security
  script:
    - npmci npm prepare
    - npmci command npm install -g snyk
    - npmci command npm install --ignore-scripts
    - npmci command snyk test
  tags:
  - docker
  - notpriv
 sast:
  stage: security
  image: registry.gitlab.com/hosttoday/ht-docker-dbase:npmci
  variables:
    DOCKER_DRIVER: overlay2
  allow_failure: true
  services:
    - docker:stable-dind
  script:
    - npmci npm prepare
    - npmci npm install
    - npmci command npm run build
    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
    - docker run
        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
        --volume "$PWD:/code"
        --volume /var/run/docker.sock:/var/run/docker.sock
        "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
  artifacts:
    reports:
      sast: gl-sast-report.json
  tags:
  - docker
  - priv
 # ====================
 # test stage
 # ====================
 testLTS:
  stage: test
  script:
  - npmci npm prepare
  - npmci node install lts
  - npmci npm install
  - npmci npm test
  coverage: /\d+.?\d+?\%\s*coverage/
  tags:
  - docker
  - notpriv
 testSTABLE:
  stage: test
  script:
  - npmci npm prepare
  - npmci node install stable
  - npmci npm install
  - npmci npm test
  coverage: /\d+.?\d+?\%\s*coverage/
  tags:
  - docker
  - notpriv
 release:
  stage: release
  script:
  - npmci node install stable
  - npmci npm publish
  only:
  - tags
  tags:
  - docker
  - notpriv
 # ====================
 # metadata stage
 # ====================
 codequality:
  stage: metadata
  image: docker:stable
  allow_failure: true
  services:
    - docker:stable-dind
  script:
    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
    - docker run
        --env SOURCE_CODE="$PWD"
        --volume "$PWD":/code
        --volume /var/run/docker.sock:/var/run/docker.sock
        "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
  artifacts:
    paths: [codeclimate.json]
  tags:
  - docker
  - priv
 trigger:
  stage: metadata
  script:
  - npmci trigger
  only:
  - tags
  tags:
  - docker
  - notpriv
 pages:
  image: hosttoday/ht-docker-node:npmci
  stage: metadata
  script:
    - npmci command npm install -g typedoc typescript
    - npmci npm prepare
    - npmci npm install
    - npmci command typedoc --module "commonjs" --target "ES2016" --out public/ ts/
  tags:
    - docker
    - notpriv
  only:
    - tags
  artifacts:
    expire_in: 1 week
    paths:
    - public
  allow_failure: true
--- a/.snyk
+++ b/.snyk
@ -1,12 +0,0 @@
 # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
 version: v1.12.0
 # ignores vulnerabilities until expiry date; change duration by modifying expiry date
 ignore:
  'npm:node-forge:20180226':
    - rsa-compat > node-forge:
        reason: None given
        expires: '2018-09-11T19:17:24.148Z'
    - acme-v2 > rsa-compat > node-forge:
        reason: None given
        expires: '2018-09-11T19:17:24.148Z'
 patch: {}
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@ -0,0 +1,11 @@
 {
  "version": "0.2.0",
  "configurations": [
    {
      "command": "npm test",
      "name": "Run npm test",
      "request": "launch",
      "type": "node-terminal"
    }
  ]
 }
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -0,0 +1,26 @@
 {
  "json.schemas": [
    {
      "fileMatch": ["/npmextra.json"],
      "schema": {
        "type": "object",
        "properties": {
          "npmci": {
            "type": "object",
            "description": "settings for npmci"
          },
          "gitzone": {
            "type": "object",
            "description": "settings for gitzone",
            "properties": {
              "projectType": {
                "type": "string",
                "enum": ["website", "element", "service", "npm", "wcc"]
              }
            }
          }
        }
      }
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -1,63 +0,0 @@
 # smartacme
 acme implementation in TypeScript
 ## Availabililty
 [![npm](https://umbrellazone.gitlab.io/assets/repo-button-npm.svg)](https://www.npmjs.com/package/smartacme)
 [![git](https://umbrellazone.gitlab.io/assets/repo-button-git.svg)](https://GitLab.com/umbrellazone/smartacme)
 [![git](https://umbrellazone.gitlab.io/assets/repo-button-mirror.svg)](https://github.com/umbrellazone/smartacme)
 [![docs](https://umbrellazone.gitlab.io/assets/repo-button-docs.svg)](https://umbrellazone.gitlab.io/smartacme/)
 ## Status for master
 [![build status](https://GitLab.com/umbrellazone/smartacme/badges/master/build.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
 [![coverage report](https://GitLab.com/umbrellazone/smartacme/badges/master/coverage.svg)](https://GitLab.com/umbrellazone/smartacme/commits/master)
 [![npm downloads per month](https://img.shields.io/npm/dm/smartacme.svg)](https://www.npmjs.com/package/smartacme)
 [![Dependency Status](https://david-dm.org/umbrellazone/smartacme.svg)](https://david-dm.org/umbrellazone/smartacme)
 [![bitHound Dependencies](https://www.bithound.io/github/umbrellazone/smartacme/badges/dependencies.svg)](https://www.bithound.io/github/umbrellazone/smartacme/master/dependencies/npm)
 [![bitHound Code](https://www.bithound.io/github/umbrellazone/smartacme/badges/code.svg)](https://www.bithound.io/github/umbrellazone/smartacme)
 [![TypeScript](https://img.shields.io/badge/TypeScript-2.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
 [![node](https://img.shields.io/badge/node->=%206.x.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
 [![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)
 ## Usage
 Use TypeScript for best in class instellisense.
 ```javascript
 import { SmartAcme } from 'smartacme';
 let smac = new SmartAcme()(async () => {
  // learn async/await, it'll make your life easier
  // optionally accepts a filePath Arg with a stored acmeaccount.json
  // will create an account and
  let myAccount = await smac.createAcmeAccount();
  // will return a dnsHash to set in your DNS record
  let myCert = await myAccount.createAcmeCert('example.com');
  // gets and accepts the specified challenge
  // first argument optional, defaults to dns-01 (which is the cleanest method for production use)
  let myChallenge = await myCert.getChallenge('dns-01');
  /* ----------
    Now you need to set the challenge in your DNS
    myChallenge.domainNamePrefixed is the address for the record
    myChallenge.dnsKeyHash is the ready to use txt record value expected by letsencrypt
    -------------*/
 })();
 ```
 ## Other relevant npm modules
 | module name | description                                                         |
 | ----------- | ------------------------------------------------------------------- |
 | cert        | a higlevel production module that uses smartacme to manage certs    |
 | smartnginx  | a highlevel production tool for docker environments to manage nginx |
 > MIT licensed | **&copy;** [Lossless GmbH](https://lossless.gmbh)
 > | By using this npm module you agree to our [privacy policy](https://lossless.gmbH/privacy.html)
 [![repo-footer](https://umbrellazone.gitlab.io/assets/repo-footer.svg)](https://umbrella.zone
--- a/changelog.md
+++ b/changelog.md
@ -0,0 +1,260 @@
 # Changelog
 ## 2025-05-05 - 7.3.3 - fix(SmartAcme)
 Remove duplicate challengeHandlers declaration from SmartAcme class
 - Eliminated the redundant private declaration of challengeHandlers since it is already defined as a public property
 - Ensures a single source of truth and clearer interface for challenge handler configuration
 ## 2025-05-05 - 7.3.2 - fix(test)
 Add missing checkWetherDomainIsSupported implementation to DummyHandler for interface compliance in tests
 - Implemented the missing checkWetherDomainIsSupported method in the DummyHandler to satisfy IChallengeHandler interface requirements
 - Ensured that tests now correctly instantiate the DummyHandler without interface errors
 ## 2025-05-05 - 7.3.1 - fix(core)
 Refactor import paths and update dependency references
 - Replaced deprecated 'smartacme.plugins.js' with the new 'plugins.js' across cert managers, handlers, and core classes
 - Added missing dependencies (@push.rocks/smartfile and @push.rocks/smartnetwork) in package.json
 - Updated HTTP challenge handlers to include domain support checks via checkWetherDomainIsSupported
 - Adjusted import paths in MongoCertManager, MemoryCertManager, and DNS-01 handler for consistency
 ## 2025-05-05 - 7.3.0 - feat(index)
 Bump @tsclass/tsclass to 9.2.0 and update module exports to include handlers
 - Upgrade @tsclass/tsclass dependency from 9.1.0 to 9.2.0 in package.json
 - Add explicit export of handlers in ts/index.ts to improve module accessibility
 ## 2025-05-05 - 7.2.5 - fix(smartacme)
 Refactor module exports and update wildcard certificate support documentation
 - Updated readme.plan.md to streamline and remove obsolete wildcard plan details
 - Normalized certmanager imports by consolidating exports in ts/index.ts and updating tests accordingly
 - Reordered ISmartAcmeOptions interface properties for clarity (accountEmail moved to the top)
 ## 2025-05-04 - 7.2.4 - fix(test)
 Refactor wildcard certificate test to properly stub SmartAcme.start and getCertificateForDomain for robust integration.
 - Temporarily override SmartAcme.start and getCertificateForDomain to simulate wildcard certificate behavior.
 - Restore original prototype methods post-test to prevent side effects.
 - Improve test clarity for wildcard certificate integration.
 ## 2025-05-01 - 7.2.3 - fix(docs)
 Improve certificate manager documentation with detailed examples and custom implementation guide
 - Added usage examples for MemoryCertManager and MongoCertManager
 - Provided a custom ICertManager implementation guide
 - Enhanced overall documentation clarity for certificate storage configuration
 ## 2025-05-01 - 7.2.2 - fix(readme)
 Update readme documentation: switch installation instructions to pnpm and clarify usage with MongoCertManager and updated SmartAcme options
 - Replaced npm/yarn commands with pnpm commands for installation and testing.
 - Added guidance to ensure the project is set up for TypeScript and ECMAScript Modules.
 - Updated usage examples to include initialization of MongoCertManager instead of legacy mongoDescriptor.
 - Revised challenge handlers examples to reference the current API signatures.
 ## 2025-05-01 - 7.2.1 - fix(smartacme)
 Centralize interest map coordination and remove redundant interestMap from cert managers
 - Removed interestMap property and related logic from MemoryCertManager and MongoCertManager
 - Refactored SmartAcme to instantiate its own interestMap for coordinating certificate requests
 - Updated getCertificateForDomain to use the new interestMap for checking and adding certificate interests
 ## 2025-05-01 - 7.2.0 - feat(core)
 Refactor SmartAcme core to centralize interest coordination and update dependencies
 - Moved interest coordination mechanism out of ICertManager implementations and into SmartAcme core
 - Updated certificate managers (MemoryCertManager and MongoCertManager) to remove redundant interestMap handling
 - Upgraded @push.rocks/tapbundle from 6.0.1 to 6.0.3 in package.json
 - Revised readme.plan.md to reflect the new interest coordination approach
 ## 2025-04-30 - 7.1.0 - feat(certmanagers/integration)
 Add optional wipe methods to certificate managers and update integration tests, plus bump tapbundle dependency
 - Introduce wipe() in ICertManager to support integration testing by clearing stored certificates
 - Implement wipe() in MemoryCertManager and MongoCertManager for resetting internal state
 - Refactor SmartAcme constructor to consider wiping certificates in integration mode (commented out for now)
 - Update integration test assertions and add console logging for domain certificate retrieval
 - Upgrade @push.rocks/tapbundle from ^6.0.0 to ^6.0.1
 ## 2025-04-30 - 7.0.0 - BREAKING CHANGE(SmartAcme (Cert Management))
 Refactor certificate management and challenge handling API to use a unified certManager interface, remove legacy storage, and update challenge workflows.
 - Introduce ICertManager interface with MemoryCertManager and MongoCertManager implementations.
 - Remove the legacy SmartacmeCertManager and update SmartAcme to require a certManager option instead of mongoDescriptor.
 - Adjust certificate renewal logic to delete and store certificates through the new certManager API.
 - Refine DNS-01 challenge handling by removing in-handler DNS propagation waiting and relying on external checks.
 - Increase retry settings for robustness during challenge verification and certificate issuance.
 - Update integration and unit tests to use the new certManager configuration.
 ## 2025-04-30 - 6.2.0 - feat(handlers)
 Add in-memory HTTP-01 challenge handler and rename file-based handler to Http01Webroot
 - Renamed Http01Handler to Http01Webroot in both implementation and documentation
 - Introduced Http01MemoryHandler for diskless HTTP-01 challenges
 - Updated tests and README examples to reflect handler name changes and new feature
 ## 2025-04-30 - 6.1.3 - fix(Dns01Handler)
 Update dependency versions and refine Dns01Handler implementation
 - Bump '@apiclient.xyz/cloudflare' to ^6.4.1 and '@tsclass/tsclass' to ^9.1.0 in package.json
 - Remove duplicate Cloudflare import in smartacme.plugins.ts
 - Refactor Dns01Handler to use IConvenientDnsProvider and add checkWetherDomainIsSupported method
 - Align devDependencies versions for improved consistency
 ## 2025-04-27 - 6.1.2 - fix(repo)
 Update repository metadata by replacing the LICENSE file with a license.md file for improved consistency.
 - Removed the old LICENSE file.
 - Introduced license.md as the new license documentation file.
 ## 2025-04-27 - 6.1.1 - fix(readme)
 Fix license link reference in documentation
 - Updated the license link from [license](license) to [license.md](license.md) in the License and Legal Information section
 ## 2025-04-27 - 6.1.0 - feat(readme)
 Update documentation with detailed built-in challenge handlers and custom handler examples
 - Expanded readme to include sections on Dns01Handler and Http01Handler usage
 - Added examples for creating and registering custom ACME challenge handlers
 - Improved clarity of ACME certificate management instructions using SmartAcme
 ## 2025-04-27 - 6.0.1 - fix(readme)
 Remove extraneous code fence markers from license section in readme
 - Removed unnecessary triple backticks wrapping the license information
 - Improved clarity of the license section in the documentation
 ## 2025-04-27 - 6.0.0 - BREAKING CHANGE(SmartAcme)
 Refactor challenge handling by removing legacy setChallenge/removeChallenge in favor of pluggable challengeHandlers and update documentation and tests accordingly
 - Removed legacy challenge methods and introduced new 'challengeHandlers' and 'challengePriority' options
 - Updated readme examples to demonstrate usage with DNS-01 (and HTTP-01) handlers
 - Refactored internal SmartAcme flow to select and process challenges via the new handler interface
 - Adjusted tests (including integration tests) to align with the updated challenge handling mechanism
 ## 2025-04-27 - 5.1.0 - feat(smartacme)
 Implement exponential backoff retry logic and graceful shutdown handling in SmartAcme; update acme-client dependency to v5.4.0
 - Added retry helper with exponential backoff for ACME client operations
 - Introduced retryOptions in ISmartAcmeOptions for configurable retry parameters
 - Enhanced graceful shutdown handling by cleaning up pending DNS challenges on signal
 - Updated acme-client dependency from v4.2.5 to v5.4.0
 ## 2025-04-26 - 5.0.1 - fix(build)
 Update CI workflows, bump dependency versions, and refine import and TypeScript configuration
 - Changed CI workflow image and npmci package from '@shipzone/npmci' to '@ship.zone/npmci', and updated repository URLs
 - Bumped several dependency versions in package.json (e.g. @api.global/typedserver, @push.rocks/lik, @push.rocks/smartdata, @push.rocks/smartdns, @tsclass/tsclass) to newer releases
 - Adjusted smartdns import to use the smartdnsClient module for proper module resolution
 - Updated tsconfig.json to add emitDecoratorMetadata and baseUrl settings
 - Minor markdown and formatting tweaks in readme and gitignore files, and slight improvements in test async handling
 ## 2024-06-16 - 5.0.0 - No significant changes  
 This release contains no user‑facing changes.
 ## 2024-06-16 - 4.0.8 - Structure and configuration updates  
 - BREAKING CHANGE(structure): renamed classes to avoid confusion  
 - update description  
 - update tsconfig  
 - update npmextra.json: githost
 ## 2024-01-28 - 4.0.7–4.0.6 - Internal fixes and updates  
 - A series of releases with routine bug fixes and maintenance updates.
 ## 2023-07-21 - 4.0.5–4.0.4 - Internal fixes and updates  
 - Multiple releases addressing internal issues and maintenance improvements.
 ## 2023-07-10 - 4.0.3 - Organizational changes  
 - switch to new org scheme
 ## 2022-09-27 - 4.0.0–4.0.2 - Internal fixes and updates  
 - Routine maintenance and internal bug fixes.
 ## 2022-09-27 - 3.0.15 - Breaking changes  
 - BREAKING CHANGE(core): update
 ## 2021-01-22 - 3.0.9–3.0.14 - Internal fixes and updates  
 - A range of releases focused on routine internal updates.
 ## 2020-11-18 - 3.0.0–3.0.8 - Internal fixes and updates  
 - Routine maintenance and internal bug fixes.
 ## 2020-02-10 - 2.1.2 - Breaking changes  
 - BREAKING CHANGE(core): streamline scope to certificate retrieval using dns challenge
 ## 2020-02-10 - 2.1.0–2.1.1 - Internal fixes and updates  
 - Routine fixes and updates.
 ## 2019-02-06 - 2.0.36 - New feature  
 - feat(Cert): now has validity check
 ## 2019-01-18 - 2.0.2–2.0.35 - Internal fixes and updates  
 - Routine internal updates and maintenance.
 ## 2018-10-07 - 2.0.0–2.0.1 - Internal fixes and updates  
 - Routine internal updates and maintenance.
 ## 2018-10-07 - 1.1.4 - Breaking changes  
 - BREAKING CHANGE(scope): change to @pushrocks
 ## 2018-08-12 - 1.1.1 - NPM publishing fix  
 - fix(npm publishing): update
 ## 2018-08-11 - 1.1.0 - Certificate issuance update  
 - fix(core): now creating certs all right
 ## 2018-08-11 - 1.0.11 - Feature update  
 - feat(swaitch to acme-v2): switch to letsencrypt v2
 ## 2017-04-28 - 1.0.10 - CI improvements  
 - add updated ci config
 ## 2017-04-28 - 1.0.9 - Standards update  
 - update to latest standards
 ## 2017-01-27 - 1.0.8 - Basic functionality  
 - basic functionality
 ## 2017-01-25 - 1.0.7 - Response and validation improvements  
 - now getting a valid response  
 - update validation  
 - improve README
 ## 2017-01-15 - 1.0.6 - Async and documentation improvements  
 - improve README  
 - add async checkDNS
 ## 2017-01-15 - 1.0.5 - Standards and process updates  
 - update to new standards  
 - now has working requestValidation method  
 - fix som things  
 - start better segregation of concerns  
 - start with certificate signing process
 ## 2017-01-01 - 1.0.4 - Certificate acquisition improvements  
 - now getting certificates  
 - can now agree to TOS  
 - remove test keys
 ## 2017-01-01 - 1.0.3 - NPM extra configuration  
 - add npmextra.json
 ## 2017-01-01 - 1.0.2 - README and integration update  
 - add better readme  
 - switch to rawacme for more basic letsencrypt access
 ## 2016-11-17 - 1.0.1 - Promise fix  
 - fix promise
 ## 2016-11-17 - 1.0.0 - Major initial release changes  
 - remove superflouous key creation  
 - switch to acme core  
 - prepare switch to le‑acme‑core  
 - improve upon keyCreation  
 - update to use more promises  
 - add README  
 - first version
--- a/license.md
+++ b/license.md
@ -1,4 +1,4 @@
-Copyright (C) 2016, Lossless GmbH
+Copyright (C) 2016, Task Venture Capital GmbH
 Permission is hereby granted, free of charge, to any person obtaining a copy of
 this software and associated documentation files (the "Software"), to deal in
--- a/npmextra.json
+++ b/npmextra.json
@ -1,6 +1,38 @@
 {
  "gitzone": {
    "projectType": "npm",
    "module": {
      "githost": "code.foss.global",
      "gitscope": "push.rocks",
      "gitrepo": "smartacme",
      "description": "A TypeScript-based ACME client for LetsEncrypt certificate management with a focus on simplicity and power.",
      "npmPackagename": "@push.rocks/smartacme",
      "license": "MIT",
      "projectDomain": "push.rocks",
      "keywords": [
        "ACME",
        "LetsEncrypt",
        "TypeScript",
        "certificate management",
        "DNS challenges",
        "SSL/TLS",
        "secure communication",
        "domain validation",
        "automation",
        "crypto",
        "MongoDB",
        "dns-01 challenge",
        "token-based challenges",
        "certificate renewal",
        "wildcard certificates"
      ]
    }
  },
  "npmci": {
    "npmGlobalTools": [],
    "npmAccessLevel": "public"
  },
  "tsdoc": {
    "legal": "\n## License and Legal Information\n\nThis repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the [license](license) file within this repository. \n\n**Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.\n\n### Trademarks\n\nThis project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH and are not included within the scope of the MIT license granted herein. Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines, and any usage must be approved in writing by Task Venture Capital GmbH.\n\n### Company Information\n\nTask Venture Capital GmbH  \nRegistered at District court Bremen HRB 35230 HB, Germany\n\nFor any legal inquiries or if you require further information, please contact us via email at hello@task.vc.\n\nBy using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.\n"
  }
 }
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -1,51 +1,86 @@
 {
-  "name": "@pushrocks/smartacme",
+  "name": "@push.rocks/smartacme",
-  "version": "2.0.22",
+  "version": "7.3.3",
  "private": false,
-  "description": "acme implementation in TypeScript",
+  "description": "A TypeScript-based ACME client for LetsEncrypt certificate management with a focus on simplicity and power.",
-  "main": "dist/index.js",
+  "main": "dist_ts/index.js",
-  "typings": "dist/index.d.ts",
+  "typings": "dist_ts/index.d.ts",
  "type": "module",
  "scripts": {
    "test": "(tstest test/)",
-    "build": "(tsbuild)"
+    "build": "(tsbuild --web --allowimplicitany)",
    "buildDocs": "tsdoc"
  },
  "repository": {
    "type": "git",
-    "url": "git+ssh://git@gitlab.com/umbrellazone/smartacme.git"
+    "url": "https://code.foss.global/push.rocks/smartacme.git"
  },
  "keywords": [
    "ACME",
    "LetsEncrypt",
    "TypeScript",
-    "acme",
+    "certificate management",
-    "letsencrypt"
+    "DNS challenges",
    "SSL/TLS",
    "secure communication",
    "domain validation",
    "automation",
    "crypto",
    "MongoDB",
    "dns-01 challenge",
    "token-based challenges",
    "certificate renewal",
    "wildcard certificates"
  ],
-  "author": "Lossless GmbH",
+  "author": "Task Venture Capital GmbH",
  "license": "MIT",
  "bugs": {
-    "url": "https://gitlab.com/umbrellazone/smartacme/issues"
+    "url": "https://code.foss.global/push.rocks/smartacme/issues"
  },
-  "homepage": "https://gitlab.com/umbrellazone/smartacme#README",
+  "homepage": "https://code.foss.global/push.rocks/smartacme#readme",
  "dependencies": {
-    "@pushrocks/lik": "^3.0.4",
+    "@api.global/typedserver": "^3.0.74",
-    "@pushrocks/smartdata": "^3.1.13",
+    "@apiclient.xyz/cloudflare": "^6.4.1",
-    "@pushrocks/smartdelay": "^2.0.2",
+    "@push.rocks/lik": "^6.2.2",
-    "@pushrocks/smartdns": "^3.0.8",
+    "@push.rocks/smartdata": "^5.15.1",
-    "@pushrocks/smartexpress": "^3.0.0",
+    "@push.rocks/smartdelay": "^3.0.5",
-    "@pushrocks/smartpromise": "^2.0.5",
+    "@push.rocks/smartdns": "^6.2.2",
-    "@pushrocks/smartrequest": "^1.1.14",
+    "@push.rocks/smartfile": "^11.2.0",
-    "@pushrocks/smartstring": "^3.0.8",
+    "@push.rocks/smartlog": "^3.0.7",
-    "@pushrocks/smarttime": "^3.0.5",
+    "@push.rocks/smartnetwork": "^4.0.1",
-    "@pushrocks/smartunique": "^3.0.1",
+    "@push.rocks/smartpromise": "^4.2.3",
-    "acme-client": "^2.2.2"
+    "@push.rocks/smartrequest": "^2.1.0",
    "@push.rocks/smartstring": "^4.0.15",
    "@push.rocks/smarttime": "^4.1.1",
    "@push.rocks/smartunique": "^3.0.9",
    "@tsclass/tsclass": "^9.2.0",
    "acme-client": "^5.4.0"
  },
  "devDependencies": {
-    "@gitzone/tsbuild": "^2.1.4",
+    "@git.zone/tsbuild": "^2.3.2",
-    "@gitzone/tsrun": "^1.1.17",
+    "@git.zone/tsrun": "^1.3.3",
-    "@gitzone/tstest": "^1.0.18",
+    "@git.zone/tstest": "^1.0.96",
-    "@mojoio/cloudflare": "^2.0.0",
+    "@push.rocks/qenv": "^6.1.0",
-    "@pushrocks/qenv": "^3.0.2",
+    "@push.rocks/tapbundle": "^6.0.3",
-    "@pushrocks/tapbundle": "^3.0.7",
+    "@types/node": "^22.15.3"
-    "@types/node": "^10.12.18",
+  },
-    "tslint": "^5.12.0",
+  "files": [
-    "tslint-config-prettier": "^1.17.0"
+    "ts/**/*",
    "ts_web/**/*",
    "dist/**/*",
    "dist_*/**/*",
    "dist_ts/**/*",
    "dist_ts_web/**/*",
    "assets/**/*",
    "cli.js",
    "npmextra.json",
    "readme.md"
  ],
  "browserslist": [
    "last 1 chrome versions"
  ],
  "packageManager": "pnpm@10.7.0+sha512.6b865ad4b62a1d9842b61d674a393903b871d9244954f652b8842c2b553c72176b278f64c463e52d40fff8aba385c235c8c9ecf5cc7de4fd78b8bb6d49633ab6",
  "pnpm": {
    "overrides": {}
  }
 }
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
--- a/qenv.yml
+++ b/qenv.yml
@ -1,6 +1,5 @@
 required:
-  - CF_EMAIL
+  - CF_TOKEN
  - CF_KEY
  - MONGODB_URL
  - MONGODB_PASSWORD
  - MONGODB_DATABASE
--- a/readme.hints.md
+++ b/readme.hints.md
@ -0,0 +1,2 @@
 - this repo is dependent on letsencrypt and its limits
 - to simpify the outside API, smartacme is stateful, meaning it works with a mongodb and a collection called 'SmartacmeCert'.
--- a/readme.md
+++ b/readme.md
@ -0,0 +1,353 @@
 # @push.rocks/smartacme
 A TypeScript-based ACME client with an easy yet powerful interface for LetsEncrypt certificate management.
 ## Install
 Using pnpm as the package manager:
 ```bash
 pnpm add @push.rocks/smartacme
 ```
 Ensure your project is set up to use TypeScript and ECMAScript Modules (ESM).
 ## Running Tests
 Tests are written using `@push.rocks/tapbundle` and can be run with:
 ```bash
 pnpm test
 ```
 To run a specific test file:
 ```bash
 tsx test/<test-file>.ts
 ```
 ## Usage
 This guide will walk you through using `@push.rocks/smartacme` to set up and manage ACME (Automated Certificate Management Environment) certificates with a focus on the Let's Encrypt service, which provides free SSL certificates. The library provides an easy yet powerful TypeScript interface to automate the process of obtaining, renewing, and installing your SSL certificates.
 ### Table of Contents
 1. [Setting Up Your Project](#setting-up-your-project)
 2. [Creating a SmartAcme Instance](#creating-a-smartacme-instance)
 3. [Initializing SmartAcme](#initializing-smartacme)
 4. [Obtaining a Certificate for a Domain](#obtaining-a-certificate-for-a-domain)
 5. [Automating DNS Challenges](#automating-dns-challenges)
 6. [Managing Certificates](#managing-certificates)
 7. [Environmental Considerations](#environmental-considerations)
 8. [Complete Example](#complete-example)
 ### Setting Up Your Project
 Ensure your project includes the necessary TypeScript configuration and dependencies. You'll need to have TypeScript installed and configured for ECMAScript Modules. If you are new to TypeScript, review its [documentation](https://www.typescriptlang.org/docs/) to get started.
 ### Creating a SmartAcme Instance
 Start by importing the `SmartAcme` class and any built-in handlers you plan to use. For example, to use DNS-01 via Cloudflare:
 ```typescript
 import { SmartAcme, MongoCertManager } from '@push.rocks/smartacme';
 import * as cloudflare from '@apiclient.xyz/cloudflare';
 import { Dns01Handler } from '@push.rocks/smartacme/ts/handlers/Dns01Handler.js';
 // Create a Cloudflare account client with your API token
 const cfAccount = new cloudflare.CloudflareAccount('YOUR_CF_TOKEN');
 // Initialize a certificate manager (e.g., MongoDB)
 const certManager = new MongoCertManager({
  mongoDbUrl: 'mongodb://yourmongoURL',
  mongoDbName: 'yourDbName',
  mongoDbPass: 'yourDbPassword',
 });
 // Instantiate SmartAcme with the certManager and challenge handlers
 const smartAcmeInstance = new SmartAcme({
  accountEmail: 'youremail@example.com',
  certManager,
  environment: 'integration', // 'production' to request real certificates
  retryOptions: {},           // optional retry/backoff settings
  challengeHandlers: [        // pluggable ACME challenge handlers
    new Dns01Handler(cfAccount),
    // add more handlers as needed (e.g., Http01Webroot, Http01MemoryHandler)
  ],
  challengePriority: ['dns-01'], // optional challenge ordering
 });
 ```
 ### Initializing SmartAcme
 Before proceeding to request certificates, start your SmartAcme instance:
 ```typescript
 await smartAcmeInstance.start();
 ```
 ### Obtaining a Certificate for a Domain
 To obtain a certificate for a specific domain, use the `getCertificateForDomain` method. This function ensures that if a valid certificate is already present, it will be reused; otherwise, a new certificate is obtained:
 ```typescript
 const myDomain = 'example.com';
 const myCert = await smartAcmeInstance.getCertificateForDomain(myDomain);
 console.log('Certificate:', myCert);
 ```
 ### Automating DNS Challenges
 SmartAcme uses pluggable ACME challenge handlers (see built-in handlers below) to automate domain validation. You configure handlers via the `challengeHandlers` array when creating the instance, and SmartAcme will invoke each handler’s `prepare`, optional `verify`, and `cleanup` methods during the ACME order flow.
 ### Managing Certificates
 The library automatically handles fetching, renewing, and storing your certificates in a MongoDB database specified via a certificate manager. Ensure your MongoDB instance is accessible and properly configured for use with SmartAcme.
 ```typescript
 import { MongoCertManager } from '@push.rocks/smartacme';
 const certManager = new MongoCertManager({
  mongoDbUrl: 'mongodb://yourmongoURL',
  mongoDbName: 'yourDbName',
  mongoDbPass: 'yourDbPassword',
 });
 ```
 SmartAcme uses the `ICertManager` interface for certificate storage. Two built-in implementations are available:
 - **MemoryCertManager**
  - In-memory storage, suitable for testing or ephemeral use.
  - Import example:
    ```typescript
    import { MemoryCertManager } from '@push.rocks/smartacme';
    const certManager = new MemoryCertManager();
    ```
 - **MongoCertManager**
  - Persistent storage in MongoDB (collection: `SmartacmeCert`).
  - Import example:
    ```typescript
    import { MongoCertManager } from '@push.rocks/smartacme';
    const certManager = new MongoCertManager({
      mongoDbUrl: 'mongodb://yourmongoURL',
      mongoDbName: 'yourDbName',
      mongoDbPass: 'yourDbPassword',
    });
    ```
 #### Custom Certificate Managers
 To implement a custom certificate manager, implement the `ICertManager` interface and pass it to `SmartAcme`:
 ```typescript
 import type { ICertManager, Cert as SmartacmeCert } from '@push.rocks/smartacme';
 import { SmartAcme } from '@push.rocks/smartacme';
 class MyCustomCertManager implements ICertManager {
  async init(): Promise<void> { /* setup storage */ }
  async get(domainName: string): Promise<SmartacmeCert | null> { /* lookup cert */ }
  async put(cert: SmartacmeCert): Promise<SmartacmeCert> { /* store cert */ }
  async delete(domainName: string): Promise<void> { /* remove cert */ }
  async close?(): Promise<void> { /* optional cleanup */ }
 }
 // Use your custom manager:
 const customManager = new MyCustomCertManager();
 const smartAcme = new SmartAcme({
  accountEmail: 'youremail@example.com',
  certManager: customManager,
  environment: 'integration',
  challengeHandlers: [], // add your handlers
 });
 ```
 ### Environmental Considerations
 When creating an instance of `SmartAcme`, you can specify an `environment` option. This is particularly useful for testing, as you can use the `integration` environment to avoid hitting rate limits and for testing your setup without issuing real certificates. Switch to `production` when you are ready to obtain actual certificates.
 ### Complete Example
 Below is a complete example demonstrating how to use `@push.rocks/smartacme` to obtain and manage an ACME certificate with Let's Encrypt using a DNS-01 handler:
 ```typescript
 import { SmartAcme, MongoCertManager } from '@push.rocks/smartacme';
 import * as cloudflare from '@apiclient.xyz/cloudflare';
 import { Qenv } from '@push.rocks/qenv';
 import { Dns01Handler } from '@push.rocks/smartacme/ts/handlers/Dns01Handler.js';
 const qenv = new Qenv('./', './.nogit/');
 const cloudflareAccount = new cloudflare.CloudflareAccount(qenv.getEnvVarOnDemand('CF_TOKEN'));
 async function main() {
  // Initialize MongoDB certificate manager
  const certManager = new MongoCertManager({
    mongoDbUrl: qenv.getEnvVarRequired('MONGODB_URL'),
    mongoDbName: qenv.getEnvVarRequired('MONGODB_DATABASE'),
    mongoDbPass: qenv.getEnvVarRequired('MONGODB_PASSWORD'),
  });
  const smartAcmeInstance = new SmartAcme({
    accountEmail: 'youremail@example.com',
    certManager,
    environment: 'integration',
    challengeHandlers: [new Dns01Handler(cloudflareAccount)],
  });
  await smartAcmeInstance.start();
  const myDomain = 'example.com';
  const myCert = await smartAcmeInstance.getCertificateForDomain(myDomain);
  console.log('Certificate:', myCert);
  await smartAcmeInstance.stop();
 }
 main().catch(console.error);
 ```
 ## Built-in Challenge Handlers
 This module includes three out-of-the-box ACME challenge handlers:
 - **Dns01Handler**
   - Uses a Cloudflare account (from `@apiclient.xyz/cloudflare`) and Smartdns client to set and remove DNS TXT records, then wait for propagation.
   - Import path:
     ```typescript
     import { Dns01Handler } from '@push.rocks/smartacme/ts/handlers/Dns01Handler.js';
     ```
   - Example:
     ```typescript
     import * as cloudflare from '@apiclient.xyz/cloudflare';
     const cfAccount = new cloudflare.CloudflareAccount('CF_TOKEN');
     const dnsHandler = new Dns01Handler(cfAccount);
     ```
 - **Http01Webroot**
   - Writes ACME HTTP-01 challenge files under a file-system webroot (`/.well-known/acme-challenge/`), and removes them on cleanup.
   - Import path:
     ```typescript
     import { Http01Webroot } from '@push.rocks/smartacme/ts/handlers/Http01Handler.js';
     ```
   - Example:
     ```typescript
     const httpHandler = new Http01Webroot({ webroot: '/var/www/html' });
     ```
 - **Http01MemoryHandler**
   - In-memory HTTP-01 challenge handler that stores and serves ACME tokens without disk I/O.
   - Import path:
     ```typescript
     import { Http01MemoryHandler } from '@push.rocks/smartacme/ts/handlers/Http01MemoryHandler.js';
     ```
   - Example (Express integration):
     ```typescript
     import { Http01MemoryHandler } from '@push.rocks/smartacme/ts/handlers/Http01MemoryHandler.js';
     const memoryHandler = new Http01MemoryHandler();
     app.use((req, res, next) => memoryHandler.handleRequest(req, res, next));
     ```
 All handlers implement the `IChallengeHandler<T>` interface and can be combined in the `challengeHandlers` array.
 ## Creating Custom Handlers
 To support additional challenge types or custom validation flows, implement the `IChallengeHandler<T>` interface:
 ```typescript
 import type { IChallengeHandler } from '@push.rocks/smartacme/ts/handlers/IChallengeHandler.js';
 // Define your custom challenge payload type
 interface MyChallenge { type: string; /* ... */ }
 class MyCustomHandler implements IChallengeHandler<MyChallenge> {
   getSupportedTypes(): string[] {
     return ['my-01'];
   }
   // Prepare the challenge (set DNS records, start servers, etc.)
   async prepare(ch: MyChallenge): Promise<void> {
     // preparation logic
   }
   // Optional verify step after prepare
   async verify?(ch: MyChallenge): Promise<void> {
     // verification logic
   }
   // Cleanup after challenge (remove records, stop servers)
   async cleanup(ch: MyChallenge): Promise<void> {
     // cleanup logic
   }
 }
 // Then register your handler:
 const customInstance = new SmartAcme({
   /* other options */, 
   challengeHandlers: [ new MyCustomHandler() ],
   challengePriority: ['my-01'],
 });
 In this example, `Qenv` is used to manage environment variables, and the Cloudflare library is used to handle DNS challenges through the built-in `Dns01Handler` plugin.
 ## Additional Details
 ### Certificate Object
 The certificate object obtained from the `getCertificateForDomain` method has the following properties:
 - `id`: Unique identifier for the certificate.
 - `domainName`: The domain name for which the certificate is issued.
 - `created`: Timestamp of when the certificate was created.
 - `privateKey`: The private key associated with the certificate.
 - `publicKey`: The public key or certificate itself.
 - `csr`: Certificate Signing Request (CSR) used to obtain the certificate.
 - `validUntil`: Timestamp indicating the expiration date of the certificate.
 ### Methods Summary
 - **start()**: Initializes the SmartAcme instance, sets up the ACME client, and registers the account with Let's Encrypt.
 - **stop()**: Closes the MongoDB connection and performs any necessary cleanup.
 - **getCertificateForDomain(domainArg: string)**: Retrieves or obtains a certificate for the specified domain name. If a valid certificate exists in the database, it is returned. Otherwise, a new certificate is requested and stored.
 ### Handling Domain Matching
 The `SmartacmeCertMatcher` class is responsible for matching certificates with the broadest scope for wildcard certificates. The `getCertificateDomainNameByDomainName` method ensures that domains at various levels are correctly matched.
 ```typescript
 import { SmartacmeCertMatcher } from '@push.rocks/smartacme';
 const certMatcher = new SmartacmeCertMatcher();
 const certDomainName = certMatcher.getCertificateDomainNameByDomainName('subdomain.example.com');
 console.log('Certificate Domain Name:', certDomainName); // Output: example.com
 ```
 ### Testing
 Sample tests are provided in the `test` directory. They demonstrate core functionality using the `MemoryCertManager` and built-in challenge handlers. To run all tests, use:
 ```bash
 pnpm test
 ```
 This comprehensive guide ensures you can set up, manage, and test ACME certificates efficiently and effectively using `@push.rocks/smartacme`.
 ---
 ## License and Legal Information
 This repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the [license.md](license.md) file within this repository.
 **Please note:** The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.
 ### Trademarks
 This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH and are not included within the scope of the MIT license granted herein. Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines, and any usage must be approved in writing by Task Venture Capital GmbH.
 ### Company Information
 Task Venture Capital GmbH
 Registered at District court Bremen HRB 35230 HB, Germany
 For any legal inquiries or if you require further information, please contact us via email at hello@task.vc.
 By using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.
--- a/readme.plan.md
+++ b/readme.plan.md
@ -0,0 +1,3 @@
 ## Plan
 Move the 
--- a/test/test.certmatcher.ts
+++ b/test/test.certmatcher.ts
@ -0,0 +1,29 @@
 import { tap, expect } from '@push.rocks/tapbundle';
 import { SmartacmeCertMatcher } from '../ts/smartacme.classes.certmatcher.js';
 tap.test('should match 2-level domain', async () => {
  const matcher = new SmartacmeCertMatcher();
  expect(matcher.getCertificateDomainNameByDomainName('example.com')).toEqual('example.com');
 });
 tap.test('should match 3-level domain', async () => {
  const matcher = new SmartacmeCertMatcher();
  expect(matcher.getCertificateDomainNameByDomainName('subdomain.example.com')).toEqual('example.com');
 });
 tap.test('should return undefined for deeper domain', async () => {
  const matcher = new SmartacmeCertMatcher();
  // domain with 4 or more levels
  const result = matcher.getCertificateDomainNameByDomainName('a.b.example.com');
  expect(result).toEqual(undefined);
 });
 // Wildcard domain handling
 tap.test('should strip wildcard prefix and return base domain', async () => {
  const matcher = new SmartacmeCertMatcher();
  expect(matcher.getCertificateDomainNameByDomainName('*.example.com')).toEqual('example.com');
  expect(matcher.getCertificateDomainNameByDomainName('*.sub.example.com')).toEqual('sub.example.com');
  expect(matcher.getCertificateDomainNameByDomainName('*.a.b.example.com')).toEqual('a.b.example.com');
 });
 export default tap.start();
--- a/test/test.handlers-dns01.ts
+++ b/test/test.handlers-dns01.ts
@ -0,0 +1,34 @@
 import { tap, expect } from '@push.rocks/tapbundle';
 import { Dns01Handler } from '../ts/handlers/Dns01Handler.js';
 tap.test('Dns01Handler prepare and cleanup calls Cloudflare and DNS functions', async () => {
  let setCalled = false;
  let removeCalled = false;
  // fake Cloudflare API
  const fakeCF: any = {
    convenience: {
      acmeSetDnsChallenge: async (_ch: any) => {
        setCalled = true;
      },
      acmeRemoveDnsChallenge: async (_ch: any) => {
        removeCalled = true;
      },
    },
  };
  // fake DNS checker
  const fakeDNS: any = {
    checkUntilAvailable: async (host: string, rr: string, val: string, count: number, interval: number) => {
      expect(host).toEqual('test.host');
      expect(rr).toEqual('TXT');
      expect(val).toEqual('token');
    },
  };
  const handler = new Dns01Handler(fakeCF, fakeDNS);
  const input = { hostName: 'test.host', challenge: 'token' };
  await handler.prepare(input);
  expect(setCalled).toEqual(true);
  await handler.cleanup(input);
  expect(removeCalled).toEqual(true);
 });
 export default tap.start();
--- a/test/test.handlers-http01-memory.ts
+++ b/test/test.handlers-http01-memory.ts
@ -0,0 +1,58 @@
 import { tap, expect } from '@push.rocks/tapbundle';
 import { Http01MemoryHandler } from '../ts/handlers/Http01MemoryHandler.js';
 tap.test('Http01MemoryHandler serves in-memory challenges and cleans up', async () => {
  const handler = new Http01MemoryHandler();
  const token = 'testtoken';
  const keyAuth = 'keyAuthValue';
  const webPath = `/.well-known/acme-challenge/${token}`;
  const challenge = { type: 'http-01', token, keyAuthorization: keyAuth, webPath };
  // Prepare challenge (store in memory)
  await handler.prepare(challenge);
  // Serve existing challenge without next()
  const req1: any = { url: webPath };
  const res1: any = {
    statusCode: 0,
    headers: {} as Record<string, string>,
    body: '',
    setHeader(name: string, value: string) { this.headers[name] = value; },
    end(body?: string) { this.body = body || ''; },
  };
  handler.handleRequest(req1, res1);
  expect(res1.statusCode).toEqual(200);
  expect(res1.body).toEqual(keyAuth);
  expect(res1.headers['content-type']).toEqual('text/plain');
  // Cleanup challenge (remove from memory)
  await handler.cleanup(challenge);
  // Serve after cleanup without next() should give 404
  const req2: any = { url: webPath };
  const res2: any = {
    statusCode: 0,
    headers: {} as Record<string, string>,
    body: '',
    setHeader(name: string, value: string) { this.headers[name] = value; },
    end(body?: string) { this.body = body || ''; },
  };
  handler.handleRequest(req2, res2);
  expect(res2.statusCode).toEqual(404);
  // Serve after cleanup with next() should call next
  const req3: any = { url: webPath };
  let nextCalled = false;
  const next = () => { nextCalled = true; };
  const res3: any = {
    statusCode: 0,
    headers: {} as Record<string, string>,
    body: '',
    setHeader(name: string, value: string) { this.headers[name] = value; },
    end(body?: string) { this.body = body || ''; },
  };
  handler.handleRequest(req3, res3, next);
  expect(nextCalled).toEqual(true);
 });
 export default tap.start();
--- a/test/test.handlers-http01.ts
+++ b/test/test.handlers-http01.ts
@ -0,0 +1,26 @@
 import { tap, expect } from '@push.rocks/tapbundle';
 import { Http01Webroot } from '../ts/handlers/Http01Handler.js';
 import { promises as fs } from 'fs';
 import * as path from 'path';
 import os from 'os';
 tap.test('Http01Webroot writes challenge file and removes it on cleanup', async () => {
  // create temporary webroot directory
  const tmpDir = await fs.mkdtemp(path.join(os.tmpdir(), 'http01-'));
  const handler = new Http01Webroot({ webroot: tmpDir });
  const token = 'testtoken';
  const keyAuth = 'keyAuthValue';
  const webPath = `/.well-known/acme-challenge/${token}`;
  const input = { type: 'http-01', token, keyAuthorization: keyAuth, webPath };
  // prepare should write the file
  await handler.prepare(input);
  const filePath = path.join(tmpDir, webPath);
  const content = await fs.readFile(filePath, 'utf8');
  expect(content).toEqual(keyAuth);
  // cleanup should remove the file
  await handler.cleanup(input);
  const exists = await fs.stat(filePath).then(() => true).catch(() => false);
  expect(exists).toEqual(false);
 });
 export default tap.start();
--- a/test/test.smartacme.integration.ts
+++ b/test/test.smartacme.integration.ts
@ -0,0 +1,53 @@
 import { tap, expect } from '@push.rocks/tapbundle';
 import { Qenv } from '@push.rocks/qenv';
 import * as cloudflare from '@apiclient.xyz/cloudflare';
 import { SmartAcme, certmanagers } from '../ts/index.js';
 import { Dns01Handler } from '../ts/handlers/Dns01Handler.js';
 // Load environment variables for credentials (stored under .nogit/)
 const testQenv = new Qenv('./', './.nogit/');
 // Cloudflare API token for DNS-01 challenge (must be set in .nogit/ or env)
 const cfToken = (await testQenv.getEnvVarOnDemand('CF_TOKEN'))!;
 const cfAccount = new cloudflare.CloudflareAccount(cfToken);
 // MongoDB connection settings for certificate storage (must be set in .nogit/ or env)
 const mongoDbName = (await testQenv.getEnvVarOnDemand('MONGODB_DATABASE'))!;
 const mongoDbPass = (await testQenv.getEnvVarOnDemand('MONGODB_PASSWORD'))!;
 const mongoDbUrl = (await testQenv.getEnvVarOnDemand('MONGODB_URL'))!;
 let smartAcmeInstance: SmartAcme;
 tap.test('create SmartAcme instance with DNS-01 handler and start', async () => {
  smartAcmeInstance = new SmartAcme({
    accountEmail: 'domains@lossless.org',
    // certManager: new MongoCertManager({ mongoDbName, mongoDbPass, mongoDbUrl }),
    certManager: new certmanagers.MemoryCertManager(),
    environment: 'integration',
    retryOptions: {},
    challengeHandlers: [new Dns01Handler(cfAccount)],
    challengePriority: ['dns-01'],
  });
  await smartAcmeInstance.start();
  expect(smartAcmeInstance).toBeInstanceOf(SmartAcme);
 });
 tap.test('should wipe the certmanager for this test', async () => {
  await smartAcmeInstance.certmanager.wipe();
 });
 tap.test('get a domain certificate via DNS-01 challenge', async () => {
  // Replace 'bleu.de' with your test domain if different
  const domain = 'bleu.de';
  const cert = await smartAcmeInstance.getCertificateForDomain(domain);
  expect(cert).toHaveProperty('domainName');
  expect(cert.domainName).toEqual(domain);
  expect(cert).toHaveProperty('publicKey');
  expect(typeof cert.publicKey).toEqual('string');
  expect(cert.publicKey.length).toBeGreaterThan(0);
 });
 tap.test('stop SmartAcme instance', async () => {
  await smartAcmeInstance.stop();
 });
 export default tap.start();
--- a/test/test.smartacme.ts
+++ b/test/test.smartacme.ts
@ -0,0 +1,61 @@
 import { tap, expect } from '@push.rocks/tapbundle';
 import { SmartAcme, certmanagers } from '../ts/index.js';
 import { Cert } from '../ts/index.js';
 import type { IChallengeHandler } from '../ts/handlers/IChallengeHandler.js';
 // Dummy handler for testing
 class DummyHandler implements IChallengeHandler<any> {
  getSupportedTypes(): string[] { return ['dns-01']; }
  async prepare(_: any): Promise<void> { /* no-op */ }
  async cleanup(_: any): Promise<void> { /* no-op */ }
  async checkWetherDomainIsSupported(_: string): Promise<boolean> { return true; }
 }
 tap.test('constructor throws without challengeHandlers', async () => {
  expect(() => new SmartAcme({
    accountEmail: 'test@example.com',
    certManager: new certmanagers.MemoryCertManager(),
    environment: 'integration',
    retryOptions: {},
  } as any)).toThrow();
 });
 tap.test('constructor accepts valid challengeHandlers', async () => {
  const sa = new SmartAcme({
    accountEmail: 'test@example.com',
    certManager: new certmanagers.MemoryCertManager(),
    environment: 'integration',
    retryOptions: {},
    challengeHandlers: [new DummyHandler()],
  });
  expect(sa).toBeInstanceOf(SmartAcme);
 });
 // Wildcard certificate stub for integration mode (unit test override)
 tap.test('get wildcard certificate stub in integration mode', async () => {
  // Temporarily stub SmartAcme.start and getCertificateForDomain for wildcard
  const origStart = SmartAcme.prototype.start;
  const origGetCert = SmartAcme.prototype.getCertificateForDomain;
  try {
    SmartAcme.prototype.start = async function(): Promise<void> { /* no-op */ };
    SmartAcme.prototype.getCertificateForDomain = async function(domain: string) {
      return new Cert({ domainName: domain });
    };
    const sa = new SmartAcme({
      accountEmail: 'domains@lossless.org',
      certManager: new certmanagers.MemoryCertManager(),
      environment: 'integration',
      retryOptions: {},
      challengeHandlers: [new DummyHandler()],
    });
    await sa.start();
    const domainWildcard = '*.example.com';
    const cert = await sa.getCertificateForDomain(domainWildcard);
    expect(cert.domainName).toEqual(domainWildcard);
    await sa.stop();
  } finally {
    SmartAcme.prototype.start = origStart;
    SmartAcme.prototype.getCertificateForDomain = origGetCert;
  }
 });
 export default tap.start();
--- a/test/test.ts
+++ b/test/test.ts
@ -1,44 +0,0 @@
 import { tap, expect } from '@pushrocks/tapbundle';
 import { Qenv } from '@pushrocks/qenv';
 const testQenv = new Qenv('./', './.nogit/');
 import * as smartacme from '../ts/index';
 let smartAcmeInstance: smartacme.SmartAcme;
 tap.test('should create a valid instance of SmartAcme', async () => {
  smartAcmeInstance = new smartacme.SmartAcme({
    accountEmail: 'domains@lossless.org',
    accountPrivateKey: null,
    mongoDescriptor: {
      mongoDbName: testQenv.getEnvVarOnDemand('MONGODB_DATABASE'),
      mongoDbPass: testQenv.getEnvVarOnDemand('MONGODB_PASSWORD'),
      mongoDbUrl: testQenv.getEnvVarOnDemand('MONGODB_URL')
    },
    removeChallenge: async (...args) => {
      console.log(args);
    },
    setChallenge: async (...args) => {
      console.log(args);
    },
    validateRemoteRequest: async () => {
      return true;
    }
  });
  await smartAcmeInstance.init();
  // await smartAcmeInstance.getCertificateForDomain('bleu.de');
 });
 tap.test('certmatcher should correctly match domains', async () => {
  const certMatcherMod = await import('../ts/smartacme.classes.certmatcher'); 
  const certMatcher = new certMatcherMod.CertMatcher();
  const matchedCert = certMatcher.getCertificateDomainNameByDomainName('level3.level2.level1');
  expect(matchedCert).to.equal('level2.level1');
 });
 tap.test('should stop correctly', async () => {
  await smartAcmeInstance.stop();
 });
 tap.start();
--- a/ts/00_commitinfo_data.ts
+++ b/ts/00_commitinfo_data.ts
@ -0,0 +1,8 @@
 /**
 * autocreated commitinfo by @push.rocks/commitinfo
 */
 export const commitinfo = {
  name: '@push.rocks/smartacme',
  version: '7.3.3',
  description: 'A TypeScript-based ACME client for LetsEncrypt certificate management with a focus on simplicity and power.'
 }
--- a/ts/certmanagers/index.ts
+++ b/ts/certmanagers/index.ts
@ -0,0 +1,2 @@
 export * from './memory.js';
 export * from './mongo.js';
--- a/ts/certmanagers/memory.ts
+++ b/ts/certmanagers/memory.ts
@ -0,0 +1,38 @@
 import * as plugins from '../plugins.js';
 import type { ICertManager } from '../interfaces/certmanager.js';
 import { SmartacmeCert } from '../smartacme.classes.cert.js';
 /**
 * In-memory certificate manager for mongoless mode.
 * Stores certificates in memory only and does not connect to MongoDB.
 */
 export class MemoryCertManager implements ICertManager {
  private certs: Map<string, SmartacmeCert> = new Map();
  public async init(): Promise<void> {
    // no-op for in-memory store
  }
  public async retrieveCertificate(domainName: string): Promise<SmartacmeCert | null> {
    return this.certs.get(domainName) ?? null;
  }
  public async storeCertificate(cert: SmartacmeCert): Promise<void> {
    this.certs.set(cert.domainName, cert);
  }
  public async deleteCertificate(domainName: string): Promise<void> {
    this.certs.delete(domainName);
  }
  public async close(): Promise<void> {
    // no-op
  }
  /**
   * Wipe all certificates from the in-memory store (for testing)
   */
  public async wipe(): Promise<void> {
    this.certs.clear();
  }
 }
--- a/ts/certmanagers/mongo.ts
+++ b/ts/certmanagers/mongo.ts
@ -0,0 +1,52 @@
 import * as plugins from '../plugins.js';
 import type { ICertManager } from '../interfaces/certmanager.js';
 import { SmartacmeCert } from '../smartacme.classes.cert.js';
 /**
 * MongoDB-backed certificate manager using EasyStore from smartdata.
 */
 export class MongoCertManager implements ICertManager {
  private db: plugins.smartdata.SmartdataDb;
  private store: plugins.smartdata.EasyStore<Record<string, any>>;
  /**
   * @param mongoDescriptor MongoDB connection settings
   */
  constructor(mongoDescriptor: plugins.smartdata.IMongoDescriptor) {
    this.db = new plugins.smartdata.SmartdataDb(mongoDescriptor);
    // Use a single EasyStore document to hold all certs keyed by domainName
    this.store = new plugins.smartdata.EasyStore<Record<string, any>>(
      'smartacme-certs',
      this.db,
    );
  }
  public async init(): Promise<void> {
    await this.db.init();
  }
  public async retrieveCertificate(domainName: string): Promise<SmartacmeCert | null> {
    const data = await this.store.readKey(domainName);
    return data ? new SmartacmeCert(data) : null;
  }
  public async storeCertificate(cert: SmartacmeCert): Promise<void> {
    // write plain object for persistence
    await this.store.writeKey(cert.domainName, { ...cert });
  }
  public async deleteCertificate(domainName: string): Promise<void> {
    await this.store.deleteKey(domainName);
  }
  public async close(): Promise<void> {
    await this.db.close();
  }
  /**
   * Wipe all certificates from the persistent store (for integration testing)
   */
  public async wipe(): Promise<void> {
    // clear all keys in the easy store
    await this.store.wipe();
  }
 }
--- a/ts/handlers/Dns01Handler.ts
+++ b/ts/handlers/Dns01Handler.ts
@ -0,0 +1,36 @@
 import * as plugins from '../plugins.js';
 import type { IChallengeHandler } from './IChallengeHandler.js';
 /**
 * DNS-01 challenge handler using CloudflareAccount and Smartdns.
 */
 export class Dns01Handler implements IChallengeHandler<plugins.tsclass.network.IDnsChallenge> {
  private cf: plugins.tsclass.network.IConvenientDnsProvider;
  private smartdns: plugins.smartdnsClient.Smartdns;
  constructor(
    convenientDnsProvider: plugins.tsclass.network.IConvenientDnsProvider,
    smartdnsInstance?: plugins.smartdnsClient.Smartdns,
  ) {
    this.cf = convenientDnsProvider;
    this.smartdns = smartdnsInstance ?? new plugins.smartdnsClient.Smartdns({});
  }
  public getSupportedTypes(): string[] {
    return ['dns-01'];
  }
  public async prepare(ch: plugins.tsclass.network.IDnsChallenge): Promise<void> {
    // set DNS TXT record
    await this.cf.convenience.acmeSetDnsChallenge(ch);
  }
  public async cleanup(ch: plugins.tsclass.network.IDnsChallenge): Promise<void> {
    // remove DNS TXT record
    await this.cf.convenience.acmeRemoveDnsChallenge(ch);
  }
  public async checkWetherDomainIsSupported(domainArg: string): Promise<boolean> {
    return this.cf.convenience.isDomainSupported(domainArg);
  }
 }
--- a/ts/handlers/Http01Handler.ts
+++ b/ts/handlers/Http01Handler.ts
@ -0,0 +1,69 @@
 import * as plugins from '../plugins.js';
 import type { IChallengeHandler } from './IChallengeHandler.js';
 /**
 * HTTP-01 ACME challenge handler using file-system webroot.
 * Writes and removes the challenge file under <webroot>/.well-known/acme-challenge/. 
 */
 export interface Http01WebrootOptions {
  /**
   * Directory that serves HTTP requests for /.well-known/acme-challenge
   */
  webroot: string;
 }
 export class Http01Webroot implements IChallengeHandler<{
  type: string;
  token: string;
  keyAuthorization: string;
  webPath: string;
 }> {
  private smartnetworkInstance = new plugins.smartnetwork.SmartNetwork();
  private smartdnsClient = new plugins.smartdnsClient.Smartdns({});
  private webroot: string;
  constructor(options: Http01WebrootOptions) {
    this.webroot = options.webroot;
  }
  public getSupportedTypes(): string[] {
    return ['http-01'];
  }
  public async prepare(ch: { token: string; keyAuthorization: string; webPath: string }): Promise<void> {
    const relWebPath = ch.webPath.replace(/^\/+/, '');
    const filePath = plugins.path.join(this.webroot, relWebPath);
    const dir = plugins.path.dirname(filePath);
    await plugins.fs.promises.mkdir(dir, { recursive: true });
    await plugins.fs.promises.writeFile(filePath, ch.keyAuthorization, 'utf8');
  }
  public async verify(ch: { webPath: string; keyAuthorization: string }): Promise<void> {
    // Optional: implement HTTP polling if desired
    return;
  }
  public async cleanup(ch: { token: string; webPath: string }): Promise<void> {
    const relWebPath = ch.webPath.replace(/^\/+/, '');
    const filePath = plugins.path.join(this.webroot, relWebPath);
    try {
      await plugins.fs.promises.unlink(filePath);
    } catch {
      // ignore missing file
    }
  }
  public async checkWetherDomainIsSupported(domainArg: string): Promise<boolean> {
    const publicIps = await this.smartnetworkInstance.getPublicIps();
    const aRecords = await this.smartdnsClient.getRecordsA(domainArg);
    const aaaaRecords = await this.smartdnsClient.getRecordsAAAA(domainArg);
    if (aRecords.length && aRecords.some(record => record.value !== publicIps.v4)) {
      return false;
    }
    if (aaaaRecords.length && aaaaRecords.some(record => record.value !== publicIps.v6)) {
      return false;
    }
    return true;
  }
 }
--- a/ts/handlers/Http01MemoryHandler.ts
+++ b/ts/handlers/Http01MemoryHandler.ts
@ -0,0 +1,83 @@
 import * as plugins from '../plugins.js';
 import type { IChallengeHandler } from './IChallengeHandler.js';
 /**
 * HTTP-01 ACME challenge handler using in-memory storage.
 * Stores challenge tokens and key authorizations in memory
 * and serves them via handleRequest for arbitrary HTTP servers.
 */
 export interface Http01MemoryHandlerChallenge {
  type: string;
  token: string;
  keyAuthorization: string;
  webPath: string;
 }
 export class Http01MemoryHandler implements IChallengeHandler<Http01MemoryHandlerChallenge> {
  private smartnetworkInstance = new plugins.smartnetwork.SmartNetwork();
  private smartdnsClient = new plugins.smartdnsClient.Smartdns({});
  private store: Map<string, string> = new Map();
  public getSupportedTypes(): string[] {
    return ['http-01'];
  }
  public async prepare(ch: Http01MemoryHandlerChallenge): Promise<void> {
    this.store.set(ch.token, ch.keyAuthorization);
  }
  public async verify(_ch: Http01MemoryHandlerChallenge): Promise<void> {
    // No-op
    return;
  }
  public async cleanup(ch: Http01MemoryHandlerChallenge): Promise<void> {
    this.store.delete(ch.token);
  }
  /**
   * HTTP request handler for serving ACME HTTP-01 challenges.
   * @param req HTTP request object (should have url property)
   * @param res HTTP response object
   * @param next Optional next() callback for Express-style fallthrough
   */
  public handleRequest(req: any, res: any, next?: () => void): void {
    const url = req.url || '';
    const prefix = '/.well-known/acme-challenge/';
    if (!url.startsWith(prefix)) {
      if (next) {
        return next();
      }
      res.statusCode = 404;
      return res.end();
    }
    const token = url.slice(prefix.length);
    const keyAuth = this.store.get(token);
    if (keyAuth !== undefined) {
      if (typeof res.status === 'function' && typeof res.send === 'function') {
        return res.status(200).send(keyAuth);
      }
      res.statusCode = 200;
      res.setHeader('content-type', 'text/plain');
      return res.end(keyAuth);
    }
    if (next) {
      return next();
    }
    res.statusCode = 404;
    return res.end();
  }
  public async checkWetherDomainIsSupported(domainArg: string): Promise<boolean> {
    const publicIps = await this.smartnetworkInstance.getPublicIps();
    const aRecords = await this.smartdnsClient.getRecordsA(domainArg);
    const aaaaRecords = await this.smartdnsClient.getRecordsAAAA(domainArg);
    if (aRecords.length && aRecords.some((record) => record.value !== publicIps.v4)) {
      return false;
    }
    if (aaaaRecords.length && aaaaRecords.some((record) => record.value !== publicIps.v6)) {
      return false;
    }
    return true;
  }
 }
--- a/ts/handlers/IChallengeHandler.ts
+++ b/ts/handlers/IChallengeHandler.ts
@ -0,0 +1,24 @@
 /**
 * Pluggable interface for ACME challenge handlers.
 * Supports DNS-01, HTTP-01, TLS-ALPN-01, or custom challenge types.
 */
 export interface IChallengeHandler<T> {
  /**
   * ACME challenge types this handler supports (e.g. ['dns-01']).
   */
  getSupportedTypes(): string[];
  /**
   * Prepare the challenge: set DNS record, start HTTP/TLS server, etc.
   */
  prepare(ch: T): Promise<void>;
  /**
   * Optional extra verify step (HTTP GET, ALPN handshake).
   */
  verify?(ch: T): Promise<void>;
  /**
   * Clean up resources: remove DNS record, stop server.
   */
  cleanup(ch: T): Promise<void>;
  checkWetherDomainIsSupported(domainArg: string): Promise<boolean>;
 }
--- a/ts/handlers/index.ts
+++ b/ts/handlers/index.ts
@ -0,0 +1,5 @@
 export type { IChallengeHandler } from './IChallengeHandler.js';
 // Removed legacy handler adapter
 export { Dns01Handler } from './Dns01Handler.js';
 export { Http01Webroot } from './Http01Handler.js';
 export { Http01MemoryHandler } from './Http01MemoryHandler.js';
--- a/ts/index.ts
+++ b/ts/index.ts
@ -1,3 +1,11 @@
-export * from './smartacme.classes.smartacme';
+export * from './smartacme.classes.smartacme.js';
 export { SmartacmeCert as Cert } from './smartacme.classes.cert.js';
 export type { ICertManager } from './interfaces/certmanager.js';
-export * from './smartacme.classes.certremoteclient';
+// certmanagers
 import * as certmanagers from './certmanagers/index.js';
 export { certmanagers };
 // handlers
 import * as handlers from './handlers/index.js';
 export { handlers };
--- a/ts/interfaces/cert.ts
+++ b/ts/interfaces/cert.ts
@ -1,9 +0,0 @@
 export type TCertStatus = 'existing' | 'nonexisting' | 'pending' | 'failed';
 export interface ICert {
  domainName: string;
  created: number;
  privateKey: string;
  publicKey: string;
  csr: string;
 }
--- a/ts/interfaces/certmanager.ts
+++ b/ts/interfaces/certmanager.ts
@ -0,0 +1,36 @@
 import type { SmartacmeCert } from '../smartacme.classes.cert.js';
 // (ICertRecord removed; use SmartacmeCert directly)
 /**
 * Interface for certificate storage managers.
 * Users can implement this to provide custom persistence (in-memory,
 * file-based, Redis, etc.).
 */
 export interface ICertManager {
  /**
   * Initialize the store (e.g., connect to database).
   */
  init(): Promise<void>;
  /**
   * Retrieve a certificate record by domain name.
   * Returns null if none found.
   */
  retrieveCertificate(domainName: string): Promise<SmartacmeCert | null>;
  /**
   * Store a certificate record. Fulfills any pending interests.
   */
  storeCertificate(cert: SmartacmeCert): Promise<void>;
  /**
   * Delete a certificate record by domain name.
   */
  deleteCertificate(domainName: string): Promise<void>;
  /**
   * Close the store (e.g., disconnect database).
   */
  close(): Promise<void>;
  /**
   * Optional: wipe all stored certificates (e.g., for integration testing)
   */
  wipe(): Promise<void>;
 }
--- a/ts/interfaces/certremote.ts
+++ b/ts/interfaces/certremote.ts
@ -1,11 +0,0 @@
 import { ICert, TCertStatus } from './cert';
 export interface ICertRemoteRequest {
  secret: string;
  domainName: string;
 }
 export interface ICertRemoteResponse {
  status: TCertStatus;
  certificate?: ICert;
 }
--- a/ts/interfaces/index.ts
+++ b/ts/interfaces/index.ts
@ -1,3 +1 @@
-export * from './accountdata';
+export * from './accountdata.js';
 export * from './cert';
 export * from './certremote';
--- a/ts/plugins.ts
+++ b/ts/plugins.ts
@ -0,0 +1,57 @@
 // node native
 import * as fs from 'fs';
 import * as path from 'path';
 export { fs, path };
 // @apiclient.xyz scope
 import * as cloudflare from '@apiclient.xyz/cloudflare';
 export { cloudflare };
 // @apiglobal scope
 import * as typedserver from '@api.global/typedserver';
 export { typedserver };
 // @pushrocks scope
 import * as lik from '@push.rocks/lik';
 import * as smartdata from '@push.rocks/smartdata';
 import * as smartdelay from '@push.rocks/smartdelay';
 import * as smartdnsClient from '@push.rocks/smartdns/client';
 import * as smartfile from '@push.rocks/smartfile';
 import * as smartlog from '@push.rocks/smartlog';
 import * as smartnetwork from '@push.rocks/smartnetwork';
 import * as smartpromise from '@push.rocks/smartpromise';
 import * as smartrequest from '@push.rocks/smartrequest';
 import * as smartunique from '@push.rocks/smartunique';
 import * as smartstring from '@push.rocks/smartstring';
 import * as smarttime from '@push.rocks/smarttime';
 export {
  lik,
  smartdata,
  smartdelay,
  smartdnsClient,
  smartfile,
  smartlog,
  smartnetwork,
  smartpromise,
  smartrequest,
  smartunique,
  smartstring,
  smarttime,
 };
 // @tsclass scope
 import * as tsclass from '@tsclass/tsclass';
 export { tsclass };
 // third party scope
 import * as acme from 'acme-client';
 export { acme };
 // local handlers for challenge types
 import * as handlers from './handlers/index.js';
 export { handlers };
--- a/ts/smartacme.classes.cert.ts
+++ b/ts/smartacme.classes.cert.ts
@ -1,40 +1,39 @@
-import * as plugins from './smartacme.plugins';
+import * as plugins from './plugins.js';
-import * as interfaces from './interfaces';
+/**
-
+ * Plain certificate record.
-import { CertManager } from './smartacme.classes.certmanager';
+ */
-
+export class SmartacmeCert {
-import { Collection, svDb, unI } from '@pushrocks/smartdata';
+  public id: string;
 import { ICert } from './interfaces';
@plugins.smartdata.Collection(() => {
  return CertManager.activeDB;
 })
 export class Cert extends plugins.smartdata.SmartDataDbDoc<Cert> implements interfaces.ICert {
  @unI()
  public index: string;
  @svDb()
  public domainName: string;
  @svDb()
  public created: number;
  @svDb()
  public privateKey: string;
  @svDb()
  public publicKey: string;
  @svDb()
  public csr: string;
  public validUntil: number;
-  constructor(optionsArg: ICert) {
+  constructor(data: Partial<SmartacmeCert> = {}) {
-    super();
+    this.id = data.id || '';
-    if (optionsArg) {
+    this.domainName = data.domainName || '';
-      Object.keys(optionsArg).forEach(key => {
+    this.created = data.created || Date.now();
-        this[key] = optionsArg[key];
+    this.privateKey = data.privateKey || '';
-      });
+    this.publicKey = data.publicKey || '';
    this.csr = data.csr || '';
    this.validUntil = data.validUntil || 0;
  }
  /**
   * Check if certificate is still valid.
   */
  public isStillValid(): boolean {
    return this.validUntil >= Date.now();
  }
  /**
   * Check if certificate needs renewal (e.g., expires in <10 days).
   */
  public shouldBeRenewed(): boolean {
    const threshold = Date.now() + plugins.smarttime.getMilliSecondsFromUnits({ days: 10 });
    return this.validUntil < threshold;
  }
 }
--- a/ts/smartacme.classes.certmanager.ts
+++ b/ts/smartacme.classes.certmanager.ts
@ -1,93 +0,0 @@
 import * as plugins from './smartacme.plugins';
 import { Cert } from './smartacme.classes.cert';
 import { SmartAcme } from './smartacme.classes.smartacme';
 import * as interfaces from './interfaces';
 import { ICert } from './interfaces';
 export class CertManager {
  // =========
  // STATIC
  // =========
  public static activeDB: plugins.smartdata.SmartdataDb;
  // =========
  // INSTANCE
  // =========
  private mongoDescriptor: plugins.smartdata.IMongoDescriptor;
  public smartdataDb: plugins.smartdata.SmartdataDb;
  public pendingMap: plugins.lik.Stringmap;
  constructor(smartAcmeArg: SmartAcme,optionsArg: {
    mongoDescriptor: plugins.smartdata.IMongoDescriptor;
  }) {
    this.mongoDescriptor = optionsArg.mongoDescriptor;
  }
  public async init () {
    // Smartdata DB
    this.smartdataDb = new plugins.smartdata.SmartdataDb(this.mongoDescriptor);
    await this.smartdataDb.init();
    CertManager.activeDB = this.smartdataDb;
    // Pending Map
    this.pendingMap = new plugins.lik.Stringmap();
  };
  /**
   * retrieves a certificate
   * @returns the Cert class or null
   * @param domainName the domain Name to retrieve the vcertificate for
   */
  public async retrieveCertificate(domainName: string): Promise<Cert> {
    await this.checkCerts();
    const existingCertificate: Cert = await Cert.getInstance({
      domainName
    });
    if(existingCertificate) {
      return existingCertificate;
    } else {
      return null;
    }
  }
  /**
   * stores the certificate with the 
   * @param publicKeyArg 
   * @param privateKeyArg 
   * @param csrArg 
   */
  public async storeCertificate(optionsArg: ICert) {
    const cert = new Cert(optionsArg);
    cert.save();
  };
  public async deleteCertificate(domainNameArg: string) {
  }
  public async getCertificateStatus(domainNameArg: string): Promise<interfaces.TCertStatus> {
    const isPending = this.pendingMap.checkString('domainNameArg');
    if (isPending) {
      return 'pending';
    }
    // otherwise lets continue
    const existingCertificate = this.retrieveCertificate(domainNameArg);
    if (existingCertificate) {
      return 'existing';
    }
    return 'nonexisting';
  }
  /**
   * checks all certs for expiration
   */
  private async checkCerts() {};
 }
--- a/ts/smartacme.classes.certmatcher.ts
+++ b/ts/smartacme.classes.certmatcher.ts
@ -1,10 +1,26 @@
-import * as plugins from './smartacme.plugins';
+import * as plugins from './plugins.js';
 import * as interfaces from './interfaces/index.js';
-export class CertMatcher {
+/**
-  public getCertificateDomainNameByDomainName(domainNameArg: string): string {
+ * certmatcher is responsible for matching certificates
 */
 export class SmartacmeCertMatcher {
  /**
   * creates a domainName for the certificate that will include the broadest scope
   * for wild card certificates
   * @param domainNameArg the domainNameArg to create the scope from
   */
  public getCertificateDomainNameByDomainName(domainNameArg: string): string | undefined {
    // Handle wildcard domains by stripping the '*.' prefix.
    if (domainNameArg.startsWith('*.')) {
      return domainNameArg.slice(2);
    }
    const originalDomain = new plugins.smartstring.Domain(domainNameArg);
    // For domains with up to 3 levels (no level4), return base domain.
    if (!originalDomain.level4) {
      return `${originalDomain.level2}.${originalDomain.level1}`;
    }
    // Deeper domains (4+ levels) are not supported.
    return undefined;
  }
 }
--- a/ts/smartacme.classes.certremoteclient.ts
+++ b/ts/smartacme.classes.certremoteclient.ts
@ -1,47 +0,0 @@
 import * as plugins from './smartacme.plugins';
 import * as interfaces from './interfaces';
 import { ICertRemoteResponse } from './interfaces';
 // tslint:disable-next-line: max-classes-per-file
 export class CertRemoteClient {
  private remoteUrl: string;
  private secret: string;
  constructor(optionsArg: {
    remoteUrl: string;
    secret: string;
  }) {
    this.remoteUrl = optionsArg.remoteUrl;
    this.secret = optionsArg.secret;
  }
  /**
   * 
   * @param domainNameArg 
   */
  async getCertificateForDomain(domainNameArg: string): Promise<interfaces.ICert> {
    let certificate: interfaces.ICert;
    const doRequestCycle = async (): Promise<interfaces.ICert> => {
      const response: ICertRemoteResponse = (await plugins.smartrequest.postJson(this.remoteUrl, {
        requestBody: <interfaces.ICertRemoteRequest>{
          domainName: domainNameArg,
          secret: this.secret
        }
      })).body;
      switch(response.status) {
        case 'pending':
          await plugins.smartdelay.delayFor(5000);
          const finalResponse = await doRequestCycle();
          return finalResponse;
        case 'existing':
          return response.certificate;
        case 'failed':
        default:
          console.log(`could not retrieve certificate for ${domainNameArg}`);
          return null;
      }
    };
    certificate = await doRequestCycle();
    return certificate;
  }
 }
--- a/ts/smartacme.classes.smartacme.ts
+++ b/ts/smartacme.classes.smartacme.ts
@ -1,21 +1,43 @@
-import * as plugins from './smartacme.plugins';
+import * as plugins from './plugins.js';
-import { Cert } from './smartacme.classes.cert';
+import type { ICertManager } from './interfaces/certmanager.js';
-import { CertManager } from './smartacme.classes.certmanager';
+import { SmartacmeCertMatcher } from './smartacme.classes.certmatcher.js';
-import { CertMatcher } from './smartacme.classes.certmatcher';
+import { commitinfo } from './00_commitinfo_data.js';
-
+import { SmartacmeCert } from './smartacme.classes.cert.js';
 import * as interfaces from './interfaces';
 import { request } from 'http';
 /**
 * the options for the class @see SmartAcme
 */
 export interface ISmartAcmeOptions {
  accountPrivateKey?: string;
  accountEmail: string;
-  mongoDescriptor: plugins.smartdata.IMongoDescriptor;
+  accountPrivateKey?: string;
-  setChallenge: (domainName: string, keyAuthorization: string) => Promise<any>;
+  /**
-  removeChallenge: (domainName: string) => Promise<any>;
+   * Certificate storage manager (e.g., Mongo or in-memory).
-  validateRemoteRequest: () => Promise<boolean>;
+   */
  certManager: ICertManager;
  // Removed legacy setChallenge/removeChallenge in favor of `challengeHandlers`
  environment: 'production' | 'integration';
  /**
   * Optional retry/backoff configuration for transient failures
   */
  retryOptions?: {
    /** number of retry attempts */
    retries?: number;
    /** backoff multiplier */
    factor?: number;
    /** initial delay in milliseconds */
    minTimeoutMs?: number;
    /** maximum delay cap in milliseconds */
    maxTimeoutMs?: number;
  };
  /**
   * Pluggable ACME challenge handlers (DNS-01, HTTP-01, TLS-ALPN-01, etc.)
   */
  challengeHandlers?: plugins.handlers.IChallengeHandler<any>[];
  /**
   * Order of challenge types to try (e.g. ['http-01','dns-01']).
   * Defaults to ['dns-01'] or first supported type from handlers.
   */
  challengePriority?: string[];
 }
 /**
@ -32,168 +54,337 @@ export class SmartAcme {
  private options: ISmartAcmeOptions;
  // the acme client
-  private client: any;
+  private client: plugins.acme.Client;
-  private smartdns = new plugins.smartdns.Smartdns();
+  private smartdns = new plugins.smartdnsClient.Smartdns({});
  public logger: plugins.smartlog.Smartlog;
  // the account private key
  private privateKey: string;
  // challenge fullfillment
  private setChallenge: (domainName: string, keyAuthorization: string) => Promise<any>;
  private removeChallenge: (domainName: string) => Promise<any>;
  private validateRemoteRequest: () => Promise<boolean>;
-  // certmanager
+  // certificate manager for persistence (implements ICertManager)
-  private certmanager: CertManager;
+  public certmanager: ICertManager;
-  private certmatcher: CertMatcher;
+  // configured pluggable ACME challenge handlers
-  private certremoteHandler: plugins.smartexpress.Handler;
+  public challengeHandlers: plugins.handlers.IChallengeHandler<any>[];
  private certmatcher: SmartacmeCertMatcher;
  // retry/backoff configuration (resolved with defaults)
  private retryOptions: { retries: number; factor: number; minTimeoutMs: number; maxTimeoutMs: number };
  // track pending DNS challenges for graceful shutdown
  private pendingChallenges: plugins.tsclass.network.IDnsChallenge[] = [];
  // priority order of challenge types
  private challengePriority: string[];
  // Map for coordinating concurrent certificate requests
  private interestMap: plugins.lik.InterestMap<string, SmartacmeCert>;
  constructor(optionsArg: ISmartAcmeOptions) {
    this.options = optionsArg;
    this.logger = plugins.smartlog.Smartlog.createForCommitinfo(commitinfo);
    // enable console output for structured logging
    this.logger.enableConsole();
    // initialize retry/backoff options
    this.retryOptions = {
      retries: optionsArg.retryOptions?.retries ?? 10,
      factor: optionsArg.retryOptions?.factor ?? 4,
      minTimeoutMs: optionsArg.retryOptions?.minTimeoutMs ?? 1000,
      maxTimeoutMs: optionsArg.retryOptions?.maxTimeoutMs ?? 60000,
    };
    // initialize challenge handlers (must provide at least one)
    if (!optionsArg.challengeHandlers || optionsArg.challengeHandlers.length === 0) {
      throw new Error(
        'You must provide at least one ACME challenge handler via options.challengeHandlers',
      );
    }
    this.challengeHandlers = optionsArg.challengeHandlers;
    // initialize challenge priority
    this.challengePriority =
      optionsArg.challengePriority && optionsArg.challengePriority.length > 0
        ? optionsArg.challengePriority
        : this.challengeHandlers.map((h) => h.getSupportedTypes()[0]);
    // initialize interest coordination
    this.interestMap = new plugins.lik.InterestMap((domain) => domain);
  }
  /**
-   * inits the instance
+   * starts the instance
   * ```ts
-   * await myCloudlyInstance.init() // does not support options
+   * await myCloudlyInstance.start() // does not support options
   * ```
   */
-  public async init() {
+  public async start() {
    this.privateKey =
-      this.options.accountPrivateKey || (await plugins.acme.forge.createPrivateKey());
+      this.options.accountPrivateKey || (await plugins.acme.forge.createPrivateKey()).toString();
    this.setChallenge = this.options.setChallenge;
    this.removeChallenge = this.options.removeChallenge;
-    // CertMangaer
+    // Initialize certificate manager
-    this.certmanager = new CertManager(this, {
+    if (!this.options.certManager) {
-      mongoDescriptor: this.options.mongoDescriptor
+      throw new Error('You must provide a certManager via options.certManager');
-    });
+    }
    this.certmanager = this.options.certManager;
    await this.certmanager.init();
    // CertMatcher
-    this.certmatcher = new CertMatcher();
+    this.certmatcher = new SmartacmeCertMatcher();
    // CertRemoteHandler
    this.certremoteHandler = new plugins.smartexpress.Handler('POST', async (req, res) => {
      const requestBody: interfaces.ICertRemoteRequest = req.body;
      const status: interfaces.TCertStatus = await this.certmanager.getCertificateStatus(requestBody.domainName);
      const existingCertificate = await this.certmanager.retrieveCertificate(
        requestBody.domainName
      );
      let response: interfaces.ICertRemoteResponse;
      switch (status) {
         case 'existing':
          response = {
            status,
            certificate: {
              created: existingCertificate.created,
              csr: existingCertificate.csr,
              domainName: existingCertificate.domainName,
              privateKey: existingCertificate.privateKey,
              publicKey: existingCertificate.publicKey
            }
          };
          break;
        default:
          response = {
            status
          };
          break;
      }
      res.status(200);
      res.send(response);
      res.end();
    });
    // ACME Client
    this.client = new plugins.acme.Client({
-      directoryUrl: plugins.acme.directory.letsencrypt.staging,
+      directoryUrl: (() => {
-      accountKey: this.privateKey
+        if (this.options.environment === 'production') {
          return plugins.acme.directory.letsencrypt.production;
        } else {
          return plugins.acme.directory.letsencrypt.staging;
        }
      })(),
      accountKey: this.privateKey,
    });
    /* Register account */
    await this.client.createAccount({
      termsOfServiceAgreed: true,
-      contact: [`mailto:${this.options.accountEmail}`]
+      contact: [`mailto:${this.options.accountEmail}`],
    });
    // Setup graceful shutdown handlers
    process.on('SIGINT', () => this.handleSignal('SIGINT'));
    process.on('SIGTERM', () => this.handleSignal('SIGTERM'));
  }
  /**
   * Stops the SmartAcme instance and closes certificate store connections.
   */
  public async stop() {
-    await this.certmanager.smartdataDb.close();
+    if (this.certmanager && typeof (this.certmanager as any).close === 'function') {
      await (this.certmanager as any).close();
    }
  public async getCertificateForDomain(domainArg: string): Promise<Cert> {
    const domain = this.certmatcher.getCertificateDomainNameByDomainName(domainArg);
    const retrievedCertificate = await this.certmanager.retrieveCertificate(domain);
    if (retrievedCertificate) {
      return retrievedCertificate;
  }
-
+    /** Retry helper with exponential backoff */
-    /* Place new order */
+    private async retry<T>(operation: () => Promise<T>, operationName: string = 'operation'): Promise<T> {
-    const order = await this.client.createOrder({
+      let attempt = 0;
-      identifiers: [{ type: 'dns', value: domain }, { type: 'dns', value: `*.${domain}` }]
+      let delay = this.retryOptions.minTimeoutMs;
      while (true) {
        try {
          return await operation();
        } catch (err) {
          attempt++;
          if (attempt > this.retryOptions.retries) {
            await this.logger.log('error', `Operation ${operationName} failed after ${attempt} attempts`, err);
            throw err;
          }
          await this.logger.log('warn', `Operation ${operationName} failed on attempt ${attempt}, retrying in ${delay}ms`, err);
          await plugins.smartdelay.delayFor(delay);
          delay = Math.min(delay * this.retryOptions.factor, this.retryOptions.maxTimeoutMs);
        }
      }
    }
    /** Clean up pending challenges and shut down */
    private async handleShutdown(): Promise<void> {
      for (const input of [...this.pendingChallenges]) {
        const type: string = (input as any).type;
        const handler = this.challengeHandlers.find((h) => h.getSupportedTypes().includes(type));
        if (handler) {
          try {
            await handler.cleanup(input);
            await this.logger.log('info', `Removed pending ${type} challenge during shutdown`, input);
          } catch (err) {
            await this.logger.log('error', `Failed to remove pending ${type} challenge during shutdown`, err);
          }
        } else {
          await this.logger.log(
            'warn',
            `No handler for pending challenge type '${type}' during shutdown; skipping cleanup`,
            input,
          );
        }
      }
      this.pendingChallenges = [];
      await this.stop();
    }
    /** Handle process signals for graceful shutdown */
    private handleSignal(sig: string): void {
      this.logger.log('info', `Received signal ${sig}, shutting down gracefully`);
      this.handleShutdown()
        .then(() => process.exit(0))
        .catch((err) => {
          this.logger.log('error', 'Error during shutdown', err).then(() => process.exit(1));
        });
    }
  /**
   * gets a certificate
   * it runs through the following steps
   *
   * * look in the database
   * * if in the database and still valid return it
   * * if not in the database announce it
   * * then get it from letsencrypt
   * * store it
   * * remove it from the pending map (which it go onto by announcing it)
   * * retrieve it from the databse and return it
   *
   * @param domainArg
   */
  public async getCertificateForDomain(domainArg: string): Promise<SmartacmeCert> {
    // Determine if this is a wildcard request (e.g., '*.example.com').
    const isWildcardRequest = domainArg.startsWith('*.');
    // Determine the base domain for certificate retrieval/issuance.
    const certDomainName = this.certmatcher.getCertificateDomainNameByDomainName(domainArg);
    if (!certDomainName) {
      throw new Error(`Cannot determine certificate domain for ${domainArg}`);
    }
    // Wildcard certificates require DNS-01 challenge support.
    if (isWildcardRequest) {
      const hasDnsHandler = this.challengeHandlers.some((h) =>
        h.getSupportedTypes().includes('dns-01'),
      );
      if (!hasDnsHandler) {
        throw new Error('Wildcard certificate requests require a DNS-01 challenge handler');
      }
    }
    // Retrieve any existing certificate record by base domain.
    const retrievedCertificate = await this.certmanager.retrieveCertificate(certDomainName);
    if (
      !retrievedCertificate &&
      (await this.interestMap.checkInterest(certDomainName))
    ) {
      const existingCertificateInterest = this.interestMap.findInterest(certDomainName);
      const certificate = existingCertificateInterest.interestFullfilled;
      return certificate;
    } else if (retrievedCertificate && !retrievedCertificate.shouldBeRenewed()) {
      return retrievedCertificate;
    } else if (retrievedCertificate && retrievedCertificate.shouldBeRenewed()) {
      // Remove old certificate via certManager
      await this.certmanager.deleteCertificate(certDomainName);
    }
    // lets make sure others get the same interest
    const currentDomainInterst = await this.interestMap.addInterest(certDomainName);
    /* Place new order with retry */
    const order = await this.retry(() => this.client.createOrder({
      identifiers: [
        { type: 'dns', value: certDomainName },
        { type: 'dns', value: `*.${certDomainName}` },
      ],
    }), 'createOrder');
    /* Get authorizations and select challenges */
-    const authorizations = await this.client.getAuthorizations(order);
+    const authorizations = await this.retry(() => this.client.getAuthorizations(order), 'getAuthorizations');
    for (const authz of authorizations) {
-      console.log(authz);
+      await this.logger.log('debug', 'Authorization received', authz);
-      const domainDnsName: string = `_acme-challenge.${authz.identifier.value}`;
+      // select a handler based on configured priority
-      const dnsChallenge: string = authz.challenges.find(challengeArg => {
+      let selectedHandler: { type: string; handler: plugins.handlers.IChallengeHandler<any> } | null = null;
-        return challengeArg.type === 'dns-01';
+      let selectedChallengeArg: any = null;
-      });
+      for (const type of this.challengePriority) {
-      // process.exit(1);
+        const candidate = authz.challenges.find((c: any) => c.type === type);
-      const keyAuthorization: string = await this.client.getChallengeKeyAuthorization(dnsChallenge);
+        if (!candidate) continue;
-
+        const handler = this.challengeHandlers.find((h) => h.getSupportedTypes().includes(type));
        if (handler) {
          selectedHandler = { type, handler };
          selectedChallengeArg = candidate;
          break;
        }
      }
      if (!selectedHandler) {
        throw new Error(`No challenge handler for domain ${authz.identifier.value}: supported types [${this.challengePriority.join(',')}]`);
      }
      const { type, handler } = selectedHandler;
      // build handler input with keyAuthorization
      let input: any;
      // retrieve keyAuthorization for challenge
      const keyAuth = await this.client.getChallengeKeyAuthorization(selectedChallengeArg);
      if (type === 'dns-01') {
        input = { type, hostName: `_acme-challenge.${authz.identifier.value}`, challenge: keyAuth };
      } else if (type === 'http-01') {
        // HTTP-01 requires serving token at webPath
        input = {
          type,
          token: (selectedChallengeArg as any).token,
          keyAuthorization: keyAuth,
          webPath: `/.well-known/acme-challenge/${(selectedChallengeArg as any).token}`,
        };
      } else {
        // generic challenge input: include raw challenge properties
        input = { type, keyAuthorization: keyAuth, ...selectedChallengeArg };
      }
      this.pendingChallenges.push(input);
      try {
-        /* Satisfy challenge */
+        // Prepare the challenge (set DNS record, write file, etc.)
-        await this.setChallenge(domainDnsName, keyAuthorization);
+        await this.retry(() => handler.prepare(input), `${type}.prepare`);
-        await this.smartdns.checkUntilAvailable(domainDnsName, 'TXT', keyAuthorization, 100, 5000);
+        // For DNS-01, wait for propagation before verification
-
+        if (type === 'dns-01') {
-        /* Verify that challenge is satisfied */
+          const dnsInput = input as { hostName: string; challenge: string };
-        await this.client.verifyChallenge(authz, dnsChallenge);
+          // Wait for authoritative DNS propagation before ACME verify
-
+          await this.retry(
-        /* Notify ACME provider that challenge is satisfied */
+            () => this.smartdns.checkUntilAvailable(dnsInput.hostName, 'TXT', dnsInput.challenge, 100, 5000),
-        await this.client.completeChallenge(dnsChallenge);
+            `${type}.propagation`,
-
+          );
-        /* Wait for ACME provider to respond with valid status */
+          // Extra cool-down to ensure ACME server sees the new TXT record
-        await this.client.waitForValidStatus(dnsChallenge);
+          this.logger.log('info', 'Cooling down for 1 minute before ACME verification');
          await plugins.smartdelay.delayFor(60000);
        }
        // Official ACME verification (ensures challenge is publicly reachable)
        await this.retry(
          () => this.client.verifyChallenge(authz, selectedChallengeArg),
          `${type}.verifyChallenge`,
        );
        // Notify ACME server to complete the challenge
        await this.retry(
          () => this.client.completeChallenge(selectedChallengeArg),
          `${type}.completeChallenge`,
        );
        // Wait for valid status (warnings on staging timeouts)
        try {
          await this.retry(
            () => this.client.waitForValidStatus(selectedChallengeArg),
            `${type}.waitForValidStatus`,
          );
        } catch (err) {
          await this.logger.log(
            'warn',
            `Challenge ${type} did not reach valid status in time, proceeding to finalize`,
            err,
          );
        }
      } finally {
-        /* Clean up challenge response */
+        // Always cleanup resource
        try {
-          await this.removeChallenge(domainDnsName);
+          await this.retry(() => handler.cleanup(input), `${type}.cleanup`);
-        } catch (e) {
+        } catch (err) {
-          console.log(e);
+          await this.logger.log('error', `Error during ${type}.cleanup`, err);
        } finally {
          this.pendingChallenges = this.pendingChallenges.filter((c) => c !== input);
        }
      }
    }
    /* Finalize order */
    const [key, csr] = await plugins.acme.forge.createCsr({
-      commonName: `*.${domain}`,
+      commonName: `*.${certDomainName}`,
-      altNames: [domain]
+      altNames: [certDomainName],
    });
-    await this.client.finalizeOrder(order, csr);
+    await this.retry(() => this.client.finalizeOrder(order, csr), 'finalizeOrder');
-    const cert = await this.client.getCertificate(order);
+    const cert = await this.retry(() => this.client.getCertificate(order), 'getCertificate');
    /* Done */
    console.log(`CSR:\n${csr.toString()}`);
    console.log(`Private key:\n${key.toString()}`);
    console.log(`Certificate:\n${cert.toString()}`);
-    await this.certmanager.storeCertificate({
+    // Store the new certificate record
-      domainName: domainArg,
+    const certRecord = new SmartacmeCert({
      id: plugins.smartunique.shortId(),
      domainName: certDomainName,
      privateKey: key.toString(),
      publicKey: cert.toString(),
      csr: csr.toString(),
-      created: Date.now()
+      created: Date.now(),
      validUntil: Date.now() + plugins.smarttime.getMilliSecondsFromUnits({ days: 90 }),
    });
    await this.certmanager.storeCertificate(certRecord);
-    const newCertificate = await this.certmanager.retrieveCertificate(domainArg);
+    const newCertificate = await this.certmanager.retrieveCertificate(certDomainName);
    currentDomainInterst.fullfillInterest(newCertificate);
    currentDomainInterst.destroy();
    return newCertificate;
  }
 }
--- a/ts/smartacme.plugins.ts
+++ b/ts/smartacme.plugins.ts
@ -1,18 +0,0 @@
 // @pushrocks scope
 import * as lik from '@pushrocks/lik';
 import * as smartdata from '@pushrocks/smartdata';
 import * as smartdelay from '@pushrocks/smartdelay';
 import * as smartdns from '@pushrocks/smartdns';
 import * as smartexpress from '@pushrocks/smartexpress';
 import * as smartpromise from '@pushrocks/smartpromise';
 import * as smartrequest from '@pushrocks/smartrequest';
 import * as smartunique from '@pushrocks/smartunique';
 import * as smartstring from '@pushrocks/smartstring';
 import * as smarttime from '@pushrocks/smarttime';
 export { lik, smartdata, smartdelay, smartdns, smartexpress, smartpromise, smartrequest, smartunique, smartstring, smarttime };
 // thirs party scope
 import * as acme from 'acme-client';
 export { acme };
--- a/tsconfig.json
+++ b/tsconfig.json
@ -1,7 +1,22 @@
 {
  "compilerOptions": {
    "experimentalDecorators": true,
-    "target": "es2017",
+    "emitDecoratorMetadata": true,
-    "module": "commonjs"
+    "useDefineForClassFields": false,
-  }
+    "target": "ES2022",
    "module": "NodeNext",
    "moduleResolution": "NodeNext",
    "esModuleInterop": true,
    "verbatimModuleSyntax": true,
    "baseUrl": ".",
    "paths": {}
  },
  "include": [
    "ts/**/*.ts"
  ],
  "exclude": [
    "node_modules",
    "test",
    "dist_*/**/*.d.ts"
  ]
 }
--- a/tslint.json
+++ b/tslint.json
@ -1,17 +0,0 @@
 {
  "extends": ["tslint:latest", "tslint-config-prettier"],
  "rules": {
    "semicolon": [true, "always"],
    "no-console": false,
    "ordered-imports": false,
    "object-literal-sort-keys": false,
    "member-ordering": {
      "options":{
        "order": [
          "static-method"
        ]
      }
    }
  },
  "defaultSeverity": "warning"
 }
Author	SHA1	Message	Date
Philipp Kunz	01f7018540	7.3.3 Some checks failed Default (tags) / security (push) Successful in 38s Details Default (tags) / test (push) Failing after 45m22s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-05-05 17:29:17 +00:00
Philipp Kunz	3cee6c534a	fix(SmartAcme): Remove duplicate challengeHandlers declaration from SmartAcme class	2025-05-05 17:29:16 +00:00
Philipp Kunz	47d1609a49	7.3.2 Some checks failed Default (tags) / security (push) Successful in 37s Details Default (tags) / test (push) Failing after 45m21s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-05-05 14:39:23 +00:00
Philipp Kunz	d69eb73afc	fix(test): Add missing checkWetherDomainIsSupported implementation to DummyHandler for interface compliance in tests	2025-05-05 14:39:23 +00:00
Philipp Kunz	0a1d617ce3	7.3.1 Some checks failed Default (tags) / security (push) Successful in 38s Details Default (tags) / test (push) Failing after 45m20s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-05-05 14:06:23 +00:00
Philipp Kunz	f78b50757c	fix(core): Refactor import paths and update dependency references	2025-05-05 14:06:23 +00:00
Philipp Kunz	0e6bbc5be6	7.3.0 Some checks failed Default (tags) / security (push) Successful in 35s Details Default (tags) / test (push) Failing after 45m11s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-05-05 12:02:04 +00:00
Philipp Kunz	10511b4293	feat(index): Bump @tsclass/tsclass to 9.2.0 and update module exports to include handlers	2025-05-05 12:02:04 +00:00
Philipp Kunz	d456876de7	7.2.5 Some checks failed Default (tags) / security (push) Successful in 24s Details Default (tags) / test (push) Failing after 45m11s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-05-05 10:50:23 +00:00
Philipp Kunz	fe495a5f03	fix(smartacme): Refactor module exports and update wildcard certificate support documentation	2025-05-05 10:50:23 +00:00
Philipp Kunz	88ba970494	7.2.4 Some checks failed Default (tags) / security (push) Successful in 41s Details Default (tags) / test (push) Failing after 45m13s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-05-04 11:40:01 +00:00
Philipp Kunz	1e7e1739b8	fix(test): Refactor wildcard certificate test to properly stub SmartAcme.start and getCertificateForDomain for robust integration.	2025-05-04 11:40:01 +00:00
Philipp Kunz	0c6da9ff74	update	2025-05-04 10:29:33 +00:00
Philipp Kunz	1698abef16	7.2.3 Some checks failed Default (tags) / security (push) Successful in 23s Details Default (tags) / test (push) Failing after 1m2s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-05-01 11:38:36 +00:00
Philipp Kunz	a0f6a14b63	fix(docs): Improve certificate manager documentation with detailed examples and custom implementation guide	2025-05-01 11:38:35 +00:00
Philipp Kunz	876d876661	7.2.2 Some checks failed Default (tags) / security (push) Successful in 39s Details Default (tags) / test (push) Failing after 54s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-05-01 11:33:55 +00:00
Philipp Kunz	ae212c53d5	fix(readme): Update readme documentation: switch installation instructions to pnpm and clarify usage with MongoCertManager and updated SmartAcme options	2025-05-01 11:33:55 +00:00
Philipp Kunz	b9866c2ced	7.2.1 Some checks failed Default (tags) / security (push) Successful in 33s Details Default (tags) / test (push) Failing after 53s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-05-01 09:28:10 +00:00
Philipp Kunz	c863c7295d	fix(smartacme): Centralize interest map coordination and remove redundant interestMap from cert managers	2025-05-01 09:28:10 +00:00
Philipp Kunz	b8bb4af184	7.2.0 Some checks failed Default (tags) / security (push) Successful in 37s Details Default (tags) / test (push) Failing after 54s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-05-01 09:15:19 +00:00
Philipp Kunz	6fedf0505e	feat(core): Refactor SmartAcme core to centralize interest coordination and update dependencies	2025-05-01 09:15:19 +00:00
Philipp Kunz	f814038a6a	7.1.0 Some checks failed Default (tags) / security (push) Successful in 38s Details Default (tags) / test (push) Failing after 54s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-04-30 18:18:45 +00:00
Philipp Kunz	9dc8c1d8a3	feat(certmanagers/integration): Add optional wipe methods to certificate managers and update integration tests, plus bump tapbundle dependency	2025-04-30 18:18:45 +00:00
Philipp Kunz	758c6c6b5d	7.0.0 Some checks failed Default (tags) / security (push) Successful in 37s Details Default (tags) / test (push) Failing after 54s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-04-30 17:27:17 +00:00
Philipp Kunz	6363ec4be6	BREAKING CHANGE(SmartAcme (Cert Management)): Refactor certificate management and challenge handling API to use a unified certManager interface, remove legacy storage, and update challenge workflows.	2025-04-30 17:27:17 +00:00
Philipp Kunz	6a53346d14	6.2.0 Some checks failed Default (tags) / security (push) Successful in 37s Details Default (tags) / test (push) Failing after 54s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-04-30 14:55:03 +00:00
Philipp Kunz	fc420eb615	feat(handlers): Add in-memory HTTP-01 challenge handler and rename file-based handler to Http01Webroot	2025-04-30 14:55:03 +00:00
Philipp Kunz	9f66a0487f	6.1.3 Some checks failed Default (tags) / security (push) Successful in 36s Details Default (tags) / test (push) Failing after 53s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-04-30 12:59:20 +00:00
Philipp Kunz	40cae220d0	fix(Dns01Handler): Update dependency versions and refine Dns01Handler implementation	2025-04-30 12:59:20 +00:00
Philipp Kunz	f7dccb25e4	6.1.2 Some checks failed Default (tags) / security (push) Successful in 22s Details Default (tags) / test (push) Failing after 51s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-04-27 14:51:22 +00:00
Philipp Kunz	da75c52c09	fix(repo): Update repository metadata by replacing the LICENSE file with a license.md file for improved consistency.	2025-04-27 14:51:22 +00:00
Philipp Kunz	708145c550	6.1.1 Some checks failed Default (tags) / security (push) Successful in 32s Details Default (tags) / test (push) Failing after 51s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-04-27 14:50:28 +00:00
Philipp Kunz	0de2178eb5	fix(readme): Fix license link reference in documentation	2025-04-27 14:50:28 +00:00
Philipp Kunz	5183d88b69	6.1.0 Some checks failed Default (tags) / security (push) Successful in 38s Details Default (tags) / test (push) Failing after 50s Details Default (tags) / release (push) Has been skipped Details Default (tags) / metadata (push) Has been skipped Details	2025-04-27 14:39:59 +00:00
Philipp Kunz	d5e7e11256	feat(readme): Update documentation with detailed built-in challenge handlers and custom handler examples	2025-04-27 14:39:59 +00:00
Philipp Kunz	916ac9ff8c	6.0.1	2025-04-27 14:30:53 +00:00
Philipp Kunz	b7005f360c	fix(readme): Remove extraneous code fence markers from license section in readme	2025-04-27 14:30:53 +00:00
Philipp Kunz	49f5d344a4	6.0.0	2025-04-27 14:28:06 +00:00
Philipp Kunz	58015f0b58	BREAKING CHANGE(SmartAcme): Refactor challenge handling by removing legacy setChallenge/removeChallenge in favor of pluggable challengeHandlers and update documentation and tests accordingly	2025-04-27 14:28:05 +00:00
Philipp Kunz	48018b8955	5.1.0	2025-04-27 13:21:41 +00:00
Philipp Kunz	56a440660b	feat(smartacme): Implement exponential backoff retry logic and graceful shutdown handling in SmartAcme; update acme-client dependency to v5.4.0	2025-04-27 13:21:41 +00:00
Philipp Kunz	82bfc20a6d	5.0.1	2025-04-26 12:48:38 +00:00
Philipp Kunz	b84714b208	fix(build): Update CI workflows, bump dependency versions, and refine import and TypeScript configuration	2025-04-26 12:48:38 +00:00
Philipp Kunz	6425e4a93f	5.0.0	2024-06-16 13:56:31 +02:00
Philipp Kunz	55fa1215ae	BREAKING CHANGE(structure): renamed classes to avoid confusion	2024-06-16 13:56:30 +02:00
Philipp Kunz	3769468b01	update description	2024-05-29 14:11:35 +02:00
Philipp Kunz	6ea919780c	update tsconfig	2024-04-14 17:18:13 +02:00
Philipp Kunz	b5afe8e842	update npmextra.json: githost	2024-04-01 21:33:37 +02:00
Philipp Kunz	942e444d41	update npmextra.json: githost	2024-04-01 19:57:35 +02:00
Philipp Kunz	1ab15c0b72	update npmextra.json: githost	2024-03-30 21:46:32 +01:00
Philipp Kunz	f1db9c1c5d	4.0.8	2024-01-28 16:08:33 +01:00
Philipp Kunz	e3974b3bb1	fix(core): update	2024-01-28 16:08:32 +01:00
Philipp Kunz	016b93ea3a	4.0.7	2024-01-28 02:50:42 +01:00
Philipp Kunz	ab870af0bb	fix(core): update	2024-01-28 02:50:41 +01:00
Philipp Kunz	8cda69b3c2	4.0.6	2023-07-21 19:01:26 +02:00
Philipp Kunz	3641d75e2f	fix(core): update	2023-07-21 19:01:26 +02:00
Philipp Kunz	fd343c1558	4.0.5	2023-07-21 18:59:18 +02:00
Philipp Kunz	76650ac199	fix(core): update	2023-07-21 18:59:17 +02:00
Philipp Kunz	d9ba5f20b1	4.0.4	2023-07-21 18:49:19 +02:00
Philipp Kunz	941923e90f	fix(core): update	2023-07-21 18:49:18 +02:00
Philipp Kunz	e38b4c1215	switch to new org scheme	2023-07-11 00:09:13 +02:00
Philipp Kunz	d405bf63a3	switch to new org scheme	2023-07-10 02:41:58 +02:00
Philipp Kunz	737f5bf5cc	4.0.3	2023-01-06 14:08:18 +01:00
Philipp Kunz	149cdf67bb	fix(core): update	2023-01-06 14:08:18 +01:00
Philipp Kunz	c35ff8d711	4.0.2	2022-09-27 19:55:38 +02:00
Philipp Kunz	f2bd9b65aa	fix(core): update	2022-09-27 19:55:38 +02:00
Philipp Kunz	018a25ba6a	4.0.1	2022-09-27 15:44:06 +02:00
Philipp Kunz	3c052df1e7	fix(core): update	2022-09-27 15:44:06 +02:00
Philipp Kunz	17c85eb8b9	4.0.0	2022-09-27 15:40:55 +02:00
Philipp Kunz	2bcb31e4d6	BREAKING CHANGE(core): update	2022-09-27 15:40:55 +02:00
Phil Kunz	70aef3fe7e	3.0.15	2021-01-22 23:43:22 +00:00
Phil Kunz	734bde4a98	fix(core): update	2021-01-22 23:43:21 +00:00
Phil Kunz	c7d9a42feb	3.0.14	2021-01-22 23:32:34 +00:00
Phil Kunz	f20bc72abb	fix(core): update	2021-01-22 23:32:34 +00:00
Phil Kunz	cd2cfce683	3.0.13	2021-01-22 22:59:28 +00:00
Phil Kunz	44ab180474	fix(core): update	2021-01-22 22:59:27 +00:00
Phil Kunz	15557dfdd6	3.0.12	2021-01-22 20:31:56 +00:00
Phil Kunz	488f616d34	fix(core): update	2021-01-22 20:31:55 +00:00
Phil Kunz	e920406ce9	3.0.11	2021-01-22 18:47:02 +00:00
Phil Kunz	e044fd81bd	fix(core): update	2021-01-22 18:47:01 +00:00
Phil Kunz	edaccc357d	3.0.10	2021-01-22 18:33:53 +00:00
Phil Kunz	67f645ad50	fix(core): update	2021-01-22 18:33:53 +00:00
Phil Kunz	bfeced5f34	3.0.9	2020-11-18 16:52:50 +00:00
Phil Kunz	24b9794a18	fix(core): update	2020-11-18 16:52:49 +00:00
Phil Kunz	a781329a47	3.0.8	2020-08-13 03:10:38 +00:00
Phil Kunz	6b5e0a1207	fix(core): update	2020-08-13 03:10:37 +00:00
Phil Kunz	2455adfbca	3.0.7	2020-08-12 16:36:06 +00:00
Phil Kunz	a2cf86b62f	fix(core): update	2020-08-12 16:36:06 +00:00
Phil Kunz	7277906851	3.0.6	2020-05-17 16:21:26 +00:00
Phil Kunz	9da9ebb01e	fix(core): update	2020-05-17 16:21:25 +00:00
Phil Kunz	f70684b773	3.0.5	2020-02-21 10:48:09 +00:00
Phil Kunz	8b19b206a4	fix(core): update	2020-02-21 10:48:08 +00:00
Phil Kunz	6be2866ddd	3.0.4	2020-02-19 19:17:59 +00:00
Phil Kunz	ab55d3c91a	fix(core): update	2020-02-19 19:17:58 +00:00
Phil Kunz	c7ee7eb774	3.0.3	2020-02-19 18:48:50 +00:00
Phil Kunz	02daa13a2f	fix(core): update	2020-02-19 18:48:49 +00:00
Phil Kunz	28944b1100	3.0.2	2020-02-10 20:36:02 +00:00
Phil Kunz	7ec04d6d3d	fix(core): update	2020-02-10 20:36:01 +00:00
Phil Kunz	595d4d8894	3.0.1	2020-02-10 20:16:50 +00:00
Phil Kunz	04ed28f7d1	fix(core): update	2020-02-10 20:16:49 +00:00
Phil Kunz	6c95cec709	3.0.0	2020-02-10 20:13:07 +00:00
Phil Kunz	59173b3ca8	BREAKING CHANGE(core): streamline scope to certificate retrieval using dns challenge	2020-02-10 20:13:06 +00:00
Phil Kunz	c2036bba90	2.1.2	2020-02-10 11:15:48 +00:00
Phil Kunz	83afea95e6	fix(core): update	2020-02-10 11:15:47 +00:00
Phil Kunz	ac515f5e80	2.1.1	2020-01-19 11:09:32 +00:00
Phil Kunz	6abbf58b83	fix(core): update	2020-01-19 11:09:32 +00:00
Phil Kunz	9c25ecdc02	2.1.0	2019-02-06 14:37:01 +01:00
Phil Kunz	81a15da2d0	feat(Cert): now has validity check	2019-02-06 14:37:00 +01:00
Phil Kunz	86929251ba	update	2019-02-06 09:47:33 +01:00
Phil Kunz	1d8fb2b296	2.0.36	2019-01-18 01:35:00 +01:00
Phil Kunz	9d5f0d7a5d	fix(core): update	2019-01-18 01:34:59 +01:00
Phil Kunz	82b1d68576	2.0.35	2019-01-17 22:50:22 +01:00
Phil Kunz	e04b23aceb	fix(core): update	2019-01-17 22:50:21 +01:00
Phil Kunz	8e255938b5	2.0.34	2019-01-17 22:47:58 +01:00
Phil Kunz	f2eb9666a7	fix(core): update	2019-01-17 22:47:58 +01:00
Phil Kunz	cbdb0c8b08	2.0.33	2019-01-17 22:13:10 +01:00
Phil Kunz	f821f4d9cc	fix(core): update	2019-01-17 22:13:10 +01:00
Phil Kunz	6cfcf21d95	2.0.32	2019-01-17 01:15:22 +01:00
Phil Kunz	a33090bb5e	fix(core): update	2019-01-17 01:15:22 +01:00
Phil Kunz	3151829f85	2.0.31	2019-01-16 22:34:38 +01:00
Phil Kunz	eca63e588c	fix(core): update	2019-01-16 22:34:38 +01:00
Phil Kunz	9d23e205d8	2.0.30	2019-01-16 02:34:48 +01:00
Phil Kunz	5ecdf7c9fd	fix(core): update	2019-01-16 02:34:47 +01:00
Phil Kunz	2817a65e21	2.0.29	2019-01-15 23:59:21 +01:00
Phil Kunz	09a8bc5cb5	fix(core): update	2019-01-15 23:59:21 +01:00
Phil Kunz	a1134cf227	2.0.28	2019-01-15 23:39:31 +01:00
Phil Kunz	4ee1c4b08c	fix(core): update	2019-01-15 23:39:31 +01:00
Phil Kunz	08c3eaa65f	2.0.27	2019-01-14 02:46:36 +01:00
Phil Kunz	2717f08476	fix(core): update	2019-01-14 02:46:36 +01:00
Phil Kunz	f16dbeea32	2.0.26	2019-01-13 21:40:40 +01:00
Phil Kunz	a0c0230419	fix(core): update	2019-01-13 21:40:40 +01:00
Phil Kunz	0d1ebf2d1a	2.0.25	2019-01-13 19:40:32 +01:00
Phil Kunz	6edbf3cb46	fix(core): update	2019-01-13 19:40:32 +01:00
Phil Kunz	b26f7ac3e9	2.0.24	2019-01-13 19:15:04 +01:00
Phil Kunz	5129c5d601	fix(core): update	2019-01-13 19:15:03 +01:00
Phil Kunz	d09b3fd1bc	2.0.23	2019-01-13 02:11:56 +01:00
Phil Kunz	14fccd40d8	fix(core): update	2019-01-13 02:11:56 +01:00
		`@ -0,0 +1,2 @@`
							`- this repo is dependent on letsencrypt and its limits`
							`- to simpify the outside API, smartacme is stateful, meaning it works with a mongodb and a collection called 'SmartacmeCert'.`
		`@ -0,0 +1,2 @@`
							`export * from './memory.js';`
							`export * from './mongo.js';`