A TypeScript-based ACME client with an easy yet powerful interface for LetsEncrypt certificate management.

Go to file

Philipp Kunz 6ea919780c update tsconfig		2024-04-14 17:18:13 +02:00
.gitea/workflows	fix(core): update	2024-01-28 02:50:41 +01:00
.vscode	fix(core): update	2023-07-21 18:49:18 +02:00
test	fix(core): update	2023-07-21 19:01:26 +02:00
ts	fix(core): update	2024-01-28 16:08:32 +01:00
.gitignore	fix(core): update	2020-05-17 16:21:25 +00:00
.npmignore	update validation	2017-01-22 21:50:04 +01:00
LICENSE	switch to acme core	2016-11-11 14:17:50 +01:00
npmextra.json	update tsconfig	2024-04-14 17:18:13 +02:00
package.json	update tsconfig	2024-04-14 17:18:13 +02:00
pnpm-lock.yaml	fix(core): update	2024-01-28 16:08:32 +01:00
qenv.yml	fix(core): update	2020-08-13 03:10:37 +00:00
readme.hints.md	update tsconfig	2024-04-14 17:18:13 +02:00
readme.md	update tsconfig	2024-04-14 17:18:13 +02:00
tsconfig.json	update npmextra.json: githost	2024-04-01 21:33:37 +02:00

readme.md

@push.rocks/smartacme

acme with an easy yet powerful interface in TypeScript

Install

To install @push.rocks/smartacme, you can use npm or yarn. Run one of the following commands in your project directory:

npm install @push.rocks/smartacme --save

yarn add @push.rocks/smartacme

Make sure your project is set up to use TypeScript and supports ECMAScript Modules (ESM).

Usage

This guide will walk you through using @push.rocks/smartacme to set up and manage ACME (Automated Certificate Management Environment) certificates with a focus on the Let's Encrypt service, which provides free SSL certificates. The library provides an easy yet powerful TypeScript interface to automate the process of obtaining, renewing, and installing your SSL certificates.

Setting Up Your Project

Ensure your project includes the necessary TypeScript configuration and dependencies. You'll need to have TypeScript installed and configured for ECMAScript Modules. If you are new to TypeScript, review its documentation to get started.

Importing @push.rocks/smartacme

Start by importing the SmartAcme class from the @push.rocks/smartacme package. You'll also need to import or define interfaces for your setup options:

import { SmartAcme } from '@push.rocks/smartacme';

Creating a SmartAcme Instance

The SmartAcme class is central to interaction with the ACME service. Create an instance of SmartAcme with your configuration:

const smartAcmeInstance = new SmartAcme({
  accountEmail: 'youremail@example.com', // Email used for Let's Encrypt registration and recovery
  accountPrivateKey: null, // Private key for the account (optional, if not provided it will be generated)
  mongoDescriptor: { // MongoDB connection details for storing your certificates
    mongoDbUrl: 'mongodb://yourmongoURL',
    mongoDbName: 'yourDbName',
    mongoDbPass: 'yourDbPassword',
  },
  removeChallenge: async (dnsChallenge) => {
    // Implement logic here to remove DNS challenge records
  },
  setChallenge: async (dnsChallenge) => {
    // Implement logic here to create DNS challenge records
  },
  environment: 'integration', // Use 'production' for actual certificates
});

Initializing SmartAcme

Before proceeding to request certificates, initialize your SmartAcme instance:

await smartAcmeInstance.init();

Obtaining a Certificate for a Domain

To obtain a certificate for a specific domain, use the getCertificateForDomain method. This function ensures that if a valid certificate is already present, it will be reused; otherwise, a new certificate is obtained:

const myDomain = 'example.com';
const myCert = await smartAcmeInstance.getCertificateForDomain(myDomain);
console.log('Certificate:', myCert);

Automating DNS Challenges

Part of the ACME protocol involves responding to DNS challenges issued by the certificate authority to prove control over a domain. Implement the setChallenge and removeChallenge functions in your SmartAcme configuration to automate this process. These functions receive a dnsChallenge argument containing details needed to create or remove the necessary DNS records.

Managing Certificates

The library automatically handles fetching, renewing, and storing your certificates in a MongoDB database specified in your configuration. Ensure your MongoDB instance is accessible and properly configured for use with SmartAcme.

// Example MongoDB configuration
{
  mongoDbUrl: 'mongodb://yourmongoURL',
  mongoDbName: 'yourDbName',
  mongoDbPass: 'yourDbPassword',
}

Environmental Considerations

When creating an instance of SmartAcme, you can specify an environment option. This is particularly useful for testing, as you can use the integration environment to avoid hitting rate limits and for testing your setup without issuing real certificates. Switch to production when you are ready to obtain actual certificates.

This documentation covers the basic setup and operation of @push.rocks/smartacme. The library is designed to simplify interactions with ACME services and automate certificate management tasks, enabling secure communication for your applications with minimal hassle.

License and Legal Information

This repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the license file within this repository.

Please note: The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.

Trademarks

This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH and are not included within the scope of the MIT license granted herein. Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines, and any usage must be approved in writing by Task Venture Capital GmbH.