server-ssl.js

📦[email protected]
- [x] Implemented `DNS-01` Challenge
- [x] Implemented `Cloud Flare DNS Provider`

Author: FirstTimeEZ

README.md

@@ -2,9 +2,11 @@
 
 # server-ssl.js
 
-Configurable `SSL Server` that runs on [`Node.js`](https://nodejs.org/en) which can be used for development or production and can create and renew `Lets Encrypt Certificates` automatically using `ACME`
+Configurable `SSL Server` that runs on [`Node.js`](https://nodejs.org/en) which can be used for development or production
 
-Designed to get out of your way so you can still change anything about `https.createServer`.
+Create and renew `Lets Encrypt Certificates` automatically using `ACME` using `DNS-01` with supported providers or `HTTP-01`
+
+Designed to get out of your way so you can still change _anything_
 
 --------
 
@@ -70,6 +72,27 @@ The certificates will be changed automatically when they are updated, you don't
 ```
 node server-ssl.js --letsEncrypt --domains=['www.ssl.boats','ssl.boats']
 ```
+
+### Wild Card Certificates
+
+You can generate `Wild Card Certificates` if you use a supported `DNS-01` provider
+
+At this present moment that is only `Cloud Flare`
+
+```
+let dnsProvider = {
+    name: "Cloud Flare",
+    token: "apiTokenWithDnsEditPermission",
+    zone: "zoneId" // optional if it cant be found automatically.
+}
+```
+
+Then to generate the certificate add a wildcard to the apex, eg. `*.ssl.boats`
+
+```
+--domains=['*.ssl.boats'] --staging
+```
+
 --------
 
 ### Always Redirect HTTP to HTTPS

package-lock.json

@@ -26,8 +26,8 @@
   ],
   "license": "Apache-2.0",
   "dependencies": {
-    "base-acme-client": "^30.0.2",
-    "lets-encrypt-acme-client": "^30.0.2",
+    "base-acme-client": "^30.0.3",
+    "lets-encrypt-acme-client": "^40.0.1",
     "simple-api-router": "^1.1.1",
     "simple-open-ssl": "^1.0.7"
   },

package.json

@@ -24,6 +24,7 @@ API.addEndpoint(new Endpoint("time", "GET", (req, res) => {
 }));
 
 const HTTPS_SERVER = createServerHTTPS(STATE.loadDefaultSecureContext(), (req, res) => {
+    //const host = req.headers.host; // e.g., api.example.com
     let route = undefined;
 
     if (req.url === STATE.WEBSITE_ROOT) {
@@ -40,6 +41,13 @@ const HTTPS_SERVER = createServerHTTPS(STATE.loadDefaultSecureContext(), (req, r
 
 STATE.startHttpChallengeListener();  // Lets Encrypt! HTTP-01 ACME Challenge Mixin - Always Redirects HTTP to HTTPS unless doing a ACME Challenge
 
-STATE.loadLetsEncryptAcmeDaemon(() => { STATE.loadNewSecureContext(HTTPS_SERVER); });
+let dnsProvider = null;
+
+// dnsProvider = {
+//     name: "Cloud Flare",
+//     token: "apiTokenWithDnsEditPermission"
+// }
+
+STATE.loadLetsEncryptAcmeDaemon(() => { STATE.loadNewSecureContext(HTTPS_SERVER); }, dnsProvider);
 //                              ^^ Update Certificates Callback
 STATE.checkNodeForUpdates(); // Check Node.js version

server-ssl.js

@@ -224,9 +224,9 @@ export const STATE = {
             console.log("Could not determine if Node.js version is recent");
         }
     },
-    loadLetsEncryptAcmeDaemon: (certificateCallback) => {
+    loadLetsEncryptAcmeDaemon: (certificateCallback, dnsProvider) => {
         STATE.optLetsEncrypt && STATE.optDomains !== null && (STATE.urlsArray = STATE.extractDomainsAnyFormat(STATE.optDomains));
-        STATE.optLetsEncrypt && startLetsEncryptDaemon(STATE.urlsArray, STATE.__sslFolder, certificateCallback, STATE.optGenerateAnyway, STATE.optStaging);
+        STATE.optLetsEncrypt && startLetsEncryptDaemon(STATE.urlsArray, STATE.__sslFolder, certificateCallback, STATE.optGenerateAnyway, STATE.optStaging, dnsProvider);
     },
     redirect: (res, req) => {
         res.writeHead(STATE.REDIRECT, { [STATE.REDIRECT_LOCATION]: `${STATE.HTTPS}${req.headers.host}${req.url}` });