27 lines
1.5 KiB
Markdown
27 lines
1.5 KiB
Markdown
# Plan: Add wildcard domain support to SmartAcme
|
|
|
|
## Goal
|
|
- Enable SmartAcme to accept wildcard domain inputs like `*.domain.com` or `*.sub.example.com` and correctly request and match wildcard certificates.
|
|
|
|
## Steps
|
|
1. [x] Extend SmartacmeCertMatcher:
|
|
- [x] Update `getCertificateDomainNameByDomainName()` to handle wildcard prefixes:
|
|
- If input starts with `*.` strip the prefix and return the base domain.
|
|
- For example:
|
|
- `*.example.com` → `example.com`
|
|
- `*.sub.example.com` → `sub.example.com`
|
|
- `*.a.b.example.com` → `a.b.example.com`
|
|
- [x] Ensure existing logic for non-wildcards remains unchanged.
|
|
2. [x] Update `SmartAcme.getCertificateForDomain()`:
|
|
- [x] Detect wildcard inputs (`domainArg.startsWith('*.')`).
|
|
- [x] For wildcard cases, enforce DNS-01 challenge only (throw error if handlers don't support DNS-01).
|
|
- [x] Use the matcher result to request wildcard certificate identifiers (e.g., `value: '*.baseDomain'`).
|
|
3. [x] Update tests:
|
|
- [x] Add unit tests in `test/test.certmatcher.ts` for wildcard handling:
|
|
- `*.example.com` → `example.com`
|
|
- `*.sub.example.com` → `sub.example.com`
|
|
- `*.a.b.example.com` → `a.b.example.com`
|
|
- [x] Add integration stub in `test/test.smartacme.ts` for wildcard input in integration mode:
|
|
- Call `getCertificateForDomain('*.domain.com')` and expect returned cert `domainName` equals `*.domain.com`.
|
|
4. [x] Update documentation (README.md) if needed.
|
|
5. [x] Run CI (`pnpm build` & `pnpm test`) and fix any regressions. |