push.rocks/smartacme
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
smartacme/readme.plan.md
Philipp Kunz 0c6da9ff74 update
2025-05-04 10:29:33 +00:00

1.5 KiB
Raw Blame History

Plan: Add wildcard domain support to SmartAcme

Goal

  • Enable SmartAcme to accept wildcard domain inputs like *.domain.com or *.sub.example.com and correctly request and match wildcard certificates.

Steps

  1. Extend SmartacmeCertMatcher:
    • Update getCertificateDomainNameByDomainName() to handle wildcard prefixes:
      • If input starts with *. strip the prefix and return the base domain.
      • For example:
        • *.example.comexample.com
        • *.sub.example.comsub.example.com
        • *.a.b.example.coma.b.example.com
    • Ensure existing logic for non-wildcards remains unchanged.
  2. Update SmartAcme.getCertificateForDomain():
    • Detect wildcard inputs (domainArg.startsWith('*.')).
    • For wildcard cases, enforce DNS-01 challenge only (throw error if handlers don't support DNS-01).
    • Use the matcher result to request wildcard certificate identifiers (e.g., value: '*.baseDomain').
  3. Update tests:
    • Add unit tests in test/test.certmatcher.ts for wildcard handling:
      • *.example.comexample.com
      • *.sub.example.comsub.example.com
      • *.a.b.example.coma.b.example.com
    • Add integration stub in test/test.smartacme.ts for wildcard input in integration mode:
      • Call getCertificateForDomain('*.domain.com') and expect returned cert domainName equals *.domain.com.
  4. Update documentation (README.md) if needed.
  5. Run CI (pnpm build & pnpm test) and fix any regressions.