Last active
October 12, 2016 20:58
-
-
Save mark-buhagiar/d78a4f68d8b9732b40a9c5087c4fb63f to your computer and use it in GitHub Desktop.
Sample Nodejs app which uses letsencrypt-express for HTTPS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
'use strict'; | |
var lex = require('letsencrypt-express').create({ | |
// NOTE, server should be set to 'staging' while testing | |
server: 'https://acme-v01.api.letsencrypt.org/directory' | |
, challenges: { 'tls-sni-01': require('le-challenge-sni').create({ webrootPath: '/tmp/acme-challenges' }) } | |
, challengeType: 'tls-sni-01' | |
, store: require('le-store-certbot').create({ webrootPath: '/tmp/acme-challenges' }) | |
, approveDomains: approveDomains | |
}); | |
function approveDomains(opts, certs, cb) { | |
if (certs) { | |
opts.domains = certs.altnames; | |
} | |
else { | |
opts.domains = [domain]; | |
opts.email = email; | |
opts.agreeTos = true; | |
} | |
cb(null, { options: opts, certs: certs }); | |
} | |
var app = require('express')(); | |
app.use('/', function (req, res) { | |
res.end('Hello, World!'); | |
}); | |
require('https').createServer(lex.httpsOptions, lex.middleware(app)).listen(443, function () { | |
console.log("Listening for ACME tls-sni-01 challenges and serve app on", this.address()); | |
}); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hmm. It should indeed work without the middleware. It should also not require
webrootPath
anywhere butletsencrypt-express
may be trying to instantiate things you shouldn't need that require that. At the end of the day, if it's working for you, that's great, but you may find you can useletsencrypt
directly, i.e. cut outletsencrypt-express
, without making the code much longer. If you don't want to, I might have a go modifyingletsencrypt-express
to make an https-only version some time soon too. But if you come up with something, I may not need to. :-)