Go to file
2016-07-24 20:26:20 +02:00
dist fix README and git 2016-07-24 20:17:23 +02:00
test fix README and git 2016-07-24 20:17:23 +02:00
ts fix README and git 2016-07-24 20:17:23 +02:00
.gitignore start implementation of sslDir and gitOrigin 2016-06-22 13:55:38 +02:00
.gitlab-ci.yml improve gitlab ci 2016-07-24 20:07:24 +02:00
LICENSE Initial commit 2016-04-10 01:19:30 +02:00
package.json 1.0.6 2016-07-24 20:26:20 +02:00
qenv.yml install step now working 2016-06-21 20:02:57 +02:00
README.md fix README and git 2016-07-24 20:17:23 +02:00

Cert

Easily obain SSL certificates from LetsEncrypt. Supports DNS-01 challenge. TypeScript ready.

Status

build status

Usage

import {Cert} from "cert";

let myCert = new Cert({
    cfEmail: "some@cloudflare.email",
    cfKey: "someCloudflareApiKey",
    sslDir: "someOutputPath", // NOTE: if you already have certificates, make sure you put them in here, so cert only requires the missing ones
    gitOriginRepo: "git@githhub.com/someuser/somereopo" // good for persistence in highly volatile environments like docker
});

myCert.getDomainCert("example.com"); // returns promise

Note: cert supports async parallel cert fetching. However any subsequent calls will wait for the queue of the same dns zone to clear. In other words: test1.domain1.tld and test2.domain2.tld will run in parallel, but test2.domain1.tld will wait for test1.domain1.tld !

sslDir

to use the certificates it is important to understand what the structure of the ssl directory looks like.

using a git origin repo.

Often times you want to keep track of certificates in order to keep them even if the point of initial certificate request is gone. Imagine you have a dockerenvironement and you keep starting new container versions for the same domain. YOu ideally want to use a proxy that handles SSL managemet for you. But even the proxy needs to be updated from time to time.

So you need some kind of persistence between versions. This is why you can sync up all certificates to a git repo over ssh Just make sure your id_rsa is in place for the node user and is allowed for the origin repo.

Environment

Since cert relies on letsencrypt.sh in the background bash is needed on the system. If you plan on using this on Windows check out npmdocker which runs node programs in docker. As of summer 2016 Windows will also ship with bash nativly included.