3.0.4

.gitignore

@@ -1,5 +1,22 @@
-node_modules/
+.nogit/
+
+# artifacts
 coverage/
 public/
 pages/
-.nogit/
+
+# installs
+node_modules/
+
+# caches
+.yarn/
+.cache/
+.rpt2_cache
+
+# builds
+dist/
+dist_web/
+dist_serve/
+dist_ts_web/
+
+# custom

.gitlab-ci.yml

@@ -1,10 +1,10 @@
-# gitzone standard
-image: hosttoday/ht-docker-node:npmci
+# gitzone ci_default
+image: registry.gitlab.com/hosttoday/ht-docker-node:npmci
 
 cache:
   paths:
     - .npmci_cache/
-  key: "$CI_BUILD_STAGE"
+  key: '$CI_BUILD_STAGE'
 
 stages:
   - security
@@ -20,62 +20,27 @@ mirror:
   script:
     - npmci git mirror
   tags:
+    - lossless
     - docker
     - notpriv
 
 snyk:
+  image: registry.gitlab.com/hosttoday/ht-docker-node:snyk
   stage: security
   script:
     - npmci npm prepare
-    - npmci command npm install -g snyk
     - npmci command npm install --ignore-scripts
     - npmci command snyk test
   tags:
+    - lossless
     - docker
     - notpriv
 
-sast:
-  stage: security
-  image: registry.gitlab.com/hosttoday/ht-docker-dbase:npmci
-  variables:
-    DOCKER_DRIVER: overlay2
-  allow_failure: true
-  services:
-    - docker:stable-dind
-  script:
-    - npmci npm prepare
-    - npmci npm install
-    - npmci command npm run build
-    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
-    - docker run
-        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
-        --volume "$PWD:/code"
-        --volume /var/run/docker.sock:/var/run/docker.sock
-        "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
-  artifacts:
-    reports:
-      sast: gl-sast-report.json
-  tags:
-  - docker
-  - priv
-
 # ====================
 # test stage
 # ====================
 
-testLTS:
-  stage: test
-  script:
-  - npmci npm prepare
-  - npmci node install lts
-  - npmci npm install
-  - npmci npm test
-  coverage: /\d+.?\d+?\%\s*coverage/
-  tags:
-  - docker
-  - notpriv
-    
-testSTABLE:
+testStable:
   stage: test
   script:
     - npmci npm prepare
@@ -84,6 +49,20 @@ testSTABLE:
     - npmci npm test
   coverage: /\d+.?\d+?\%\s*coverage/
   tags:
+    - lossless
+    - docker
+    - priv
+
+testBuild:
+  stage: test
+  script:
+    - npmci npm prepare
+    - npmci node install stable
+    - npmci npm install
+    - npmci command npm run build
+  coverage: /\d+.?\d+?\%\s*coverage/
+  tags:
+    - lossless
     - docker
     - notpriv
 
@@ -95,6 +74,7 @@ release:
   only:
     - tags
   tags:
+    - lossless
     - docker
     - notpriv
 
@@ -103,20 +83,14 @@ release:
 # ====================
 codequality:
   stage: metadata
-  image: docker:stable
   allow_failure: true
-  services:
-    - docker:stable-dind
   script:
-    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
-    - docker run
-        --env SOURCE_CODE="$PWD"
-        --volume "$PWD":/code
-        --volume /var/run/docker.sock:/var/run/docker.sock
-        "registry.gitlab.com/gitlab-org/security-products/codequality:$SP_VERSION" /code
-  artifacts:
-    paths: [codeclimate.json]
+    - npmci command npm install -g tslint typescript
+    - npmci npm prepare
+    - npmci npm install
+    - npmci command "tslint -c tslint.json ./ts/**/*.ts"
   tags:
+    - lossless
     - docker
     - priv
 
@@ -127,18 +101,20 @@ trigger:
   only:
     - tags
   tags:
+    - lossless
     - docker
     - notpriv
 
 pages:
-  image: hosttoday/ht-docker-node:npmci
   stage: metadata
   script:
-    - npmci command npm install -g typedoc typescript
+    - npmci node install lts
+    - npmci command npm install -g @gitzone/tsdoc
     - npmci npm prepare
     - npmci npm install
-    - npmci command typedoc --module "commonjs" --target "ES2016" --out public/ ts/
+    - npmci command tsdoc
   tags:
+    - lossless
     - docker
     - notpriv
   only:

.vscode/launch.json

@@ -0,0 +1,29 @@
+{
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "name": "current file",
+      "type": "node",
+      "request": "launch",
+      "args": [
+        "${relativeFile}"
+      ],
+      "runtimeArgs": ["-r", "@gitzone/tsrun"],
+      "cwd": "${workspaceRoot}",
+      "protocol": "inspector",
+      "internalConsoleOptions": "openOnSessionStart"
+    },
+    {
+      "name": "test.ts",
+      "type": "node",
+      "request": "launch",
+      "args": [
+        "test/test.ts"
+      ],
+      "runtimeArgs": ["-r", "@gitzone/tsrun"],
+      "cwd": "${workspaceRoot}",
+      "protocol": "inspector",
+      "internalConsoleOptions": "openOnSessionStart"
+    }
+  ]
+}

.vscode/settings.json

@@ -0,0 +1,26 @@
+{
+  "json.schemas": [
+    {
+      "fileMatch": ["/npmextra.json"],
+      "schema": {
+        "type": "object",
+        "properties": {
+          "npmci": {
+            "type": "object",
+            "description": "settings for npmci"
+          },
+          "gitzone": {
+            "type": "object",
+            "description": "settings for gitzone",
+            "properties": {
+              "projectType": {
+                "type": "string",
+                "enum": ["website", "element", "service", "npm"]
+              }
+            }
+          }
+        }
+      }
+    }
+  ]
+}

npmextra.json

@@ -1,5 +1,6 @@
 {
   "gitzone": {
+    "projectType": "npm",
     "module": {
       "githost": "gitlab.com",
       "gitscope": "pushrocks",

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@pushrocks/smartacme",
-  "version": "2.1.0",
+  "version": "3.0.4",
   "private": false,
   "description": "acme with an easy yet powerful interface in TypeScript",
   "main": "dist/index.js",
@@ -25,28 +25,40 @@
   },
   "homepage": "https://gitlab.com/umbrellazone/smartacme#README",
   "dependencies": {
-    "@pushrocks/lik": "^3.0.4",
-    "@pushrocks/smartdata": "^3.1.13",
-    "@pushrocks/smartdelay": "^2.0.2",
-    "@pushrocks/smartdns": "^3.0.8",
-    "@pushrocks/smartexpress": "^3.0.6",
-    "@pushrocks/smartlog": "^2.0.11",
-    "@pushrocks/smartpromise": "^2.0.5",
-    "@pushrocks/smartrequest": "^1.1.14",
-    "@pushrocks/smartstring": "^3.0.8",
-    "@pushrocks/smarttime": "^3.0.5",
+    "@pushrocks/lik": "^3.0.19",
+    "@pushrocks/smartdata": "^3.1.26",
+    "@pushrocks/smartdelay": "^2.0.6",
+    "@pushrocks/smartdns": "^4.0.2",
+    "@pushrocks/smartexpress": "^3.0.57",
+    "@pushrocks/smartlog": "^2.0.21",
+    "@pushrocks/smartpromise": "^3.0.6",
+    "@pushrocks/smartrequest": "^1.1.47",
+    "@pushrocks/smartstring": "^3.0.18",
+    "@pushrocks/smarttime": "^3.0.12",
     "@pushrocks/smartunique": "^3.0.1",
-    "acme-client": "2.2.2"
+    "@tsclass/tsclass": "^3.0.7",
+    "acme-client": "^3.3.1"
   },
   "devDependencies": {
-    "@gitzone/tsbuild": "^2.1.4",
-    "@gitzone/tsrun": "^1.1.17",
-    "@gitzone/tstest": "^1.0.18",
-    "@mojoio/cloudflare": "^2.0.0",
-    "@pushrocks/qenv": "^4.0.0",
-    "@pushrocks/tapbundle": "^3.0.7",
-    "@types/node": "^10.12.18",
-    "tslint": "^5.12.1",
-    "tslint-config-prettier": "^1.17.0"
-  }
+    "@gitzone/tsbuild": "^2.1.17",
+    "@gitzone/tsrun": "^1.2.8",
+    "@gitzone/tstest": "^1.0.28",
+    "@mojoio/cloudflare": "^4.0.3",
+    "@pushrocks/qenv": "^4.0.6",
+    "@pushrocks/tapbundle": "^3.2.0",
+    "@types/node": "^13.7.2",
+    "tslint": "^6.0.0",
+    "tslint-config-prettier": "^1.18.0"
+  },
+  "files": [
+    "ts/**/*",
+    "ts_web/**/*",
+    "dist/**/*",
+    "dist_web/**/*",
+    "dist_ts_web/**/*",
+    "assets/**/*",
+    "cli.js",
+    "npmextra.json",
+    "readme.md"
+  ]
 }

test/test.ts

@@ -1,7 +1,12 @@
 import { tap, expect } from '@pushrocks/tapbundle';
 import { Qenv } from '@pushrocks/qenv';
+import * as cloudflare from '@mojoio/cloudflare';
 
 const testQenv = new Qenv('./', './.nogit/');
+const testCloudflare = new cloudflare.CloudflareAccount({
+  email: testQenv.getEnvVarOnDemand('CF_EMAIL'),
+  key: testQenv.getEnvVarOnDemand('CF_KEY')
+});
 
 import * as smartacme from '../ts/index';
 
@@ -16,16 +21,19 @@ tap.test('should create a valid instance of SmartAcme', async () => {
       mongoDbPass: testQenv.getEnvVarRequired('MONGODB_PASSWORD'),
       mongoDbUrl: testQenv.getEnvVarRequired('MONGODB_URL')
     },
-    removeChallenge: async (...args) => {
-      console.log(args);
+    removeChallenge: async (dnsChallenge) => {
+      testCloudflare.convenience.acmeRemoveDnsChallenge(dnsChallenge);
     },
-    setChallenge: async (...args) => {
-      console.log(args);
+    setChallenge: async (dnsChallenge) => {
+      testCloudflare.convenience.acmeSetDnsChallenge(dnsChallenge);
     },
     environment: 'integration'
   });
   await smartAcmeInstance.init();
-  // await smartAcmeInstance.getCertificateForDomain('bleu.de');
+});
+
+tap.test('should get a domain certificate', async () => {
+  await smartAcmeInstance.getCertificateForDomain('bleu.de');
 });
 
 tap.test('certmatcher should correctly match domains', async () => {

ts/index.ts

@@ -1,3 +1 @@
 export * from './smartacme.classes.smartacme';
-
-export * from './smartacme.classes.certremoteclient';

ts/interfaces/cert.ts

@@ -1,10 +0,0 @@
-export type TCertStatus = 'existing' | 'nonexisting' | 'pending' | 'failed';
-
-export interface ICert {
-  id: string;
-  domainName: string;
-  created: number;
-  privateKey: string;
-  publicKey: string;
-  csr: string;
-}

ts/interfaces/certremote.ts

@@ -1,11 +0,0 @@
-import { ICert, TCertStatus } from './cert';
-
-export interface ICertRemoteRequest {
-  secret: string;
-  domainName: string;
-}
-
-export interface ICertRemoteResponse {
-  status: TCertStatus;
-  certificate?: ICert;
-}

ts/interfaces/index.ts

@@ -1,3 +1 @@
 export * from './accountdata';
-export * from './cert';
-export * from './certremote';

ts/smartacme.classes.cert.ts

@@ -9,7 +9,7 @@ import { Collection, svDb, unI } from '@pushrocks/smartdata';
 @plugins.smartdata.Collection(() => {
   return CertManager.activeDB;
 })
-export class Cert extends plugins.smartdata.SmartDataDbDoc<Cert> implements interfaces.ICert {
+export class Cert extends plugins.smartdata.SmartDataDbDoc<Cert, plugins.tsclass.network.ICert> implements plugins.tsclass.network.ICert {
   @unI()
   public id: string;
 
@@ -28,26 +28,30 @@ export class Cert extends plugins.smartdata.SmartDataDbDoc<Cert> implements inte
   @svDb()
   public csr: string;
 
+  @svDb()
+  public validUntil: number;
 
-
-  /**
-   * computed value for when the certificate is still valid
-   */
-  get validUntil (): number {
-    return this.created + plugins.smarttime.getMilliSecondsFromUnits({
-      days: 90
-    });
+  public isStillValid(): boolean {
+    return this.validUntil >= Date.now();
   }
 
-
-  get isStillValid (): boolean {
-    const shouldBeValitAtLeastUntil = Date.now() + plugins.smarttime.getMilliSecondsFromUnits({
+  public shouldBeRenewed(): boolean {
+    const shouldBeValidAtLeastUntil =
+      Date.now() +
+      plugins.smarttime.getMilliSecondsFromUnits({
         days: 10
       });
-    return this.validUntil >= shouldBeValitAtLeastUntil;
+    return !(this.validUntil >= shouldBeValidAtLeastUntil);
   }
 
-  constructor(optionsArg: interfaces.ICert) {
+  public update(certDataArg: plugins.tsclass.network.ICert) {
+    Object.keys(certDataArg).forEach(key => {
+      this[key] = certDataArg[key];
+    });
+  }
+
+
+  constructor(optionsArg: plugins.tsclass.network.ICert) {
     super();
     if (optionsArg) {
       Object.keys(optionsArg).forEach(key => {

ts/smartacme.classes.certmanager.ts

@@ -16,7 +16,7 @@ export class CertManager {
   private mongoDescriptor: plugins.smartdata.IMongoDescriptor;
   public smartdataDb: plugins.smartdata.SmartdataDb;
 
-  public pendingMap: plugins.lik.Stringmap;
+  public interestMap: plugins.lik.InterestMap<string, Cert>;
 
   constructor(
     smartAcmeArg: SmartAcme,
@@ -34,18 +34,17 @@ export class CertManager {
     CertManager.activeDB = this.smartdataDb;
 
     // Pending Map
-    this.pendingMap = new plugins.lik.Stringmap();
+    this.interestMap = new plugins.lik.InterestMap((certName) => certName);
   }
 
   /**
    * retrieves a certificate
    * @returns the Cert class or null
-   * @param domainName the domain Name to retrieve the vcertificate for
+   * @param certDomainNameArg the domain Name to retrieve the vcertificate for
    */
-  public async retrieveCertificate(domainName: string): Promise<Cert> {
-    await this.checkCerts();
+  public async retrieveCertificate(certDomainNameArg: string): Promise<Cert> {
     const existingCertificate: Cert = await Cert.getInstance({
-      domainName
+      domainName: certDomainNameArg
     });
 
     if (existingCertificate) {
@@ -59,44 +58,20 @@ export class CertManager {
    * stores the certificate
    * @param optionsArg
    */
-  public async storeCertificate(optionsArg: interfaces.ICert) {
+  public async storeCertificate(optionsArg: plugins.tsclass.network.ICert) {
     const cert = new Cert(optionsArg);
     await cert.save();
-    this.pendingMap.removeString(optionsArg.domainName);
+    const interest = this.interestMap.findInterest(cert.domainName);
+    if (interest) {
+      interest.fullfillInterest(cert);
+      interest.markLost();
+    }
   }
 
-  public async deleteCertificate(domainNameArg: string) {}
-
-  /**
-   * announce a certificate as being in the process of being retrieved
-   */
-  public async announceCertificate(domainNameArg: string) {
-    this.pendingMap.addString(domainNameArg);
-  }
-
-  /**
-   * gets the status of a certificate by certDomain name
-   * @param certDomainArg
-   */
-  public async getCertificateStatus(certDomainArg: string): Promise<interfaces.TCertStatus> {
-    const isPending = this.pendingMap.checkString(certDomainArg);
-    if (isPending) {
-      return 'pending';
-    }
-
-    // otherwise lets continue
-    const existingCertificate = await this.retrieveCertificate(certDomainArg);
-    if (existingCertificate) {
-      return 'existing';
-    }
-
-    return 'nonexisting';
-  }
-
-  /**
-   * checks all certs for expiration
-   */
-  private async checkCerts() {
-    // TODO
+  public async deleteCertificate(certDomainNameArg: string) {
+    const cert: Cert = await Cert.getInstance({
+      domainName: certDomainNameArg
+    });
+    await cert.delete();
   }
 }

ts/smartacme.classes.certremoteclient.ts

@@ -1,56 +0,0 @@
-import * as plugins from './smartacme.plugins';
-import * as interfaces from './interfaces';
-
-// tslint:disable-next-line: max-classes-per-file
-export class CertRemoteClient {
-  private remoteUrl: string;
-  private secret: string;
-  private logger: plugins.smartlog.Smartlog;
-
-  constructor(optionsArg: {
-    remoteUrl: string;
-    secret: string;
-    logger?: plugins.smartlog.Smartlog;
-  }) {
-    this.remoteUrl = optionsArg.remoteUrl;
-    this.secret = optionsArg.secret;
-    optionsArg.logger
-      ? (this.logger = optionsArg.logger)
-      : (this.logger = plugins.smartlog.defaultLogger);
-  }
-
-  /**
-   *
-   * @param domainNameArg
-   */
-  public async getCertificateForDomain(domainNameArg: string): Promise<interfaces.ICert> {
-    let certificate: interfaces.ICert;
-    const doRequestCycle = async (): Promise<interfaces.ICert> => {
-      const responseBody: interfaces.ICertRemoteResponse = (await plugins.smartrequest.postJson(
-        this.remoteUrl,
-        {
-          requestBody: <interfaces.ICertRemoteRequest>{
-            domainName: domainNameArg,
-            secret: this.secret
-          }
-        }
-      )).body;
-      switch (responseBody.status as interfaces.TCertStatus) {
-        case 'pending':
-          this.logger.log('info', `request for ${domainNameArg} still pending!`);
-          await plugins.smartdelay.delayFor(5000);
-          const finalResponse = await doRequestCycle();
-          return finalResponse;
-        case 'existing':
-          this.logger.log('ok', `got certificate for ${domainNameArg}`);
-          return responseBody.certificate;
-        case 'failed':
-        default:
-          console.log(`could not retrieve certificate for ${domainNameArg}`);
-          return null;
-      }
-    };
-    certificate = await doRequestCycle();
-    return certificate;
-  }
-}

ts/smartacme.classes.smartacme.ts

@@ -3,9 +3,6 @@ import { Cert } from './smartacme.classes.cert';
 import { CertManager } from './smartacme.classes.certmanager';
 import { CertMatcher } from './smartacme.classes.certmatcher';
 
-import * as interfaces from './interfaces';
-import { request } from 'http';
-
 /**
  * the options for the class @see SmartAcme
  */
@@ -13,8 +10,8 @@ export interface ISmartAcmeOptions {
   accountPrivateKey?: string;
   accountEmail: string;
   mongoDescriptor: plugins.smartdata.IMongoDescriptor;
-  setChallenge: (domainName: string, keyAuthorization: string) => Promise<any>;
-  removeChallenge: (domainName: string) => Promise<any>;
+  setChallenge: (dnsChallengeArg: plugins.tsclass.network.IDnsChallenge) => Promise<any>;
+  removeChallenge: (dnsChallengeArg: plugins.tsclass.network.IDnsChallenge) => Promise<any>;
   environment: 'production' | 'integration';
   logger?: plugins.smartlog.Smartlog;
 }
@@ -34,60 +31,20 @@ export class SmartAcme {
 
   // the acme client
   private client: any;
-  private smartdns = new plugins.smartdns.Smartdns();
+  private smartdns = new plugins.smartdns.Smartdns({});
   public logger: plugins.smartlog.Smartlog;
 
   // the account private key
   private privateKey: string;
 
   // challenge fullfillment
-  private setChallenge: (domainName: string, keyAuthorization: string) => Promise<any>;
-  private removeChallenge: (domainName: string) => Promise<any>;
+  private setChallenge: (dnsChallengeArg: plugins.tsclass.network.IDnsChallenge) => Promise<any>;
+  private removeChallenge: (dnsChallengeArg: plugins.tsclass.network.IDnsChallenge) => Promise<any>;
 
   // certmanager
   private certmanager: CertManager;
   private certmatcher: CertMatcher;
 
-  /**
-   * the remote handler to hand the request and response to.
-   */
-  public certremoteHandler = async (
-    req: plugins.smartexpress.Request,
-    res: plugins.smartexpress.Response
-  ) => {
-    const requestBody: interfaces.ICertRemoteRequest = req.body;
-    this.logger.log('ok', `got certificate request for ${requestBody.domainName}`);
-    const certDomain = this.certmatcher.getCertificateDomainNameByDomainName(
-      requestBody.domainName
-    );
-    this.logger.log('ok', `mapping ${requestBody.domainName} to ${certDomain}`);
-    let status: interfaces.TCertStatus = await this.certmanager.getCertificateStatus(certDomain);
-    let response: interfaces.ICertRemoteResponse;
-    switch (status) {
-      case 'existing':
-        this.logger.log('ok', `certificate exists for ${certDomain}. Sending certificate!`);
-        response = {
-          status,
-          certificate: await (await this.certmanager.retrieveCertificate(
-            certDomain
-          )).createSavableObject()
-        };
-        break;
-      default:
-        if (status === 'nonexisting') {
-          this.getCertificateForDomain(certDomain);
-          status = 'pending';
-        }
-        response = {
-          status
-        };
-        break;
-    }
-    res.status(200);
-    res.send(response);
-    res.end();
-  };
-
   constructor(optionsArg: ISmartAcmeOptions) {
     this.options = optionsArg;
     this.options.logger
@@ -103,7 +60,7 @@ export class SmartAcme {
    */
   public async init() {
     this.privateKey =
-      this.options.accountPrivateKey || (await plugins.acme.forge.createPrivateKey());
+      this.options.accountPrivateKey || (await plugins.acme.forge.createPrivateKey()).toString();
     this.setChallenge = this.options.setChallenge;
     this.removeChallenge = this.options.removeChallenge;
 
@@ -144,8 +101,8 @@ export class SmartAcme {
    * it runs through the following steps
    *
    * * look in the database
-   * * if in the database return it
-   * * of not in the database announce it
+   * * if in the database and still valid return it
+   * * if not in the database announce it
    * * then get it from letsencrypt
    * * store it
    * * remove it from the pending map (which it go onto by announcing it)
@@ -154,18 +111,29 @@ export class SmartAcme {
    * @param domainArg
    */
   public async getCertificateForDomain(domainArg: string): Promise<Cert> {
-    const certDomain = this.certmatcher.getCertificateDomainNameByDomainName(domainArg);
-    const retrievedCertificate = await this.certmanager.retrieveCertificate(certDomain);
+    const certDomainName = this.certmatcher.getCertificateDomainNameByDomainName(domainArg);
+    const retrievedCertificate = await this.certmanager.retrieveCertificate(certDomainName);
 
-    if (retrievedCertificate) {
+    if (!retrievedCertificate && await this.certmanager.interestMap.checkInterest(certDomainName)) {
+      const existingCertificateInterest = this.certmanager.interestMap.findInterest(certDomainName);
+      const certificate = existingCertificateInterest.interestFullfilled;
+      return certificate;
+    } else if (retrievedCertificate && !retrievedCertificate.shouldBeRenewed()) {
       return retrievedCertificate;
-    } else {
-      await this.certmanager.announceCertificate(certDomain);
+    } else if (retrievedCertificate && retrievedCertificate.shouldBeRenewed()) {
+      // await retrievedCertificate.delete();
     }
 
+    // lets make sure others get the same interest
+    const currentDomainInterst = await this.certmanager.interestMap.addInterest(certDomainName);
+    
+
     /* Place new order */
     const order = await this.client.createOrder({
-      identifiers: [{ type: 'dns', value: certDomain }, { type: 'dns', value: `*.${certDomain}` }]
+      identifiers: [
+        { type: 'dns', value: certDomainName },
+        { type: 'dns', value: `*.${certDomainName}` }
+      ]
     });
 
     /* Get authorizations and select challenges */
@@ -173,7 +141,7 @@ export class SmartAcme {
 
     for (const authz of authorizations) {
       console.log(authz);
-      const domainDnsName: string = `_acme-challenge.${authz.identifier.value}`;
+      const fullHostName: string = `_acme-challenge.${authz.identifier.value}`;
       const dnsChallenge: string = authz.challenges.find(challengeArg => {
         return challengeArg.type === 'dns-01';
       });
@@ -182,8 +150,11 @@ export class SmartAcme {
 
       try {
         /* Satisfy challenge */
-        await this.setChallenge(domainDnsName, keyAuthorization);
-        await this.smartdns.checkUntilAvailable(domainDnsName, 'TXT', keyAuthorization, 100, 5000);
+        await this.setChallenge({
+          hostName: fullHostName,
+          challenge: keyAuthorization
+        });
+        await this.smartdns.checkUntilAvailable(fullHostName, 'TXT', keyAuthorization, 100, 5000);
         console.log('Cool down an extra 60 second for region availability');
         await plugins.smartdelay.delayFor(60000);
 
@@ -198,7 +169,10 @@ export class SmartAcme {
       } finally {
         /* Clean up challenge response */
         try {
-          await this.removeChallenge(domainDnsName);
+          await this.removeChallenge({
+            hostName: fullHostName,
+            challenge: keyAuthorization
+          });
         } catch (e) {
           console.log(e);
         }
@@ -207,8 +181,8 @@ export class SmartAcme {
 
     /* Finalize order */
     const [key, csr] = await plugins.acme.forge.createCsr({
-      commonName: `*.${certDomain}`,
-      altNames: [certDomain]
+      commonName: `*.${certDomainName}`,
+      altNames: [certDomainName]
     });
 
     await this.client.finalizeOrder(order, csr);
@@ -218,14 +192,21 @@ export class SmartAcme {
 
     await this.certmanager.storeCertificate({
       id: plugins.smartunique.shortId(),
-      domainName: certDomain,
+      domainName: certDomainName,
       privateKey: key.toString(),
       publicKey: cert.toString(),
       csr: csr.toString(),
-      created: Date.now()
+      created: Date.now(),
+      validUntil:
+        Date.now() +
+        plugins.smarttime.getMilliSecondsFromUnits({
+          days: 90
+        })
     });
 
-    const newCertificate = await this.certmanager.retrieveCertificate(certDomain);
+    const newCertificate = await this.certmanager.retrieveCertificate(certDomainName);
+    currentDomainInterst.fullfillInterest(newCertificate);
+    currentDomainInterst.destroy();
     return newCertificate;
   }
 }

ts/smartacme.plugins.ts

@@ -25,7 +25,14 @@ export {
   smarttime
 };
 
-// thirs party scope
+// @tsclass scope
+import * as tsclass from '@tsclass/tsclass';
+
+export {
+  tsclass
+}
+
+// third party scope
 import * as acme from 'acme-client';
 
 export { acme };