server-ssl.js

improve how the local certificates are generated
remove start-windows.bat
remove --autoRestart flag temporarily
remove --skipNodeUpdate flag
remove nodeUpdate

/root
│
├── /error
│   ├── 404.html
│   └── 500.html
│
├── /ssl
│   ├── /openssl
│   ├── /production
│   │   │
│   │   ├── ...
│   │   ├── private-key.pem
│   │   └── certificate.pem
│   │
│   ├── /staging
│   │   │
│   │   ├── ...
│   │   ├── private-key.pem
│   │   └── certificate.pem
│   │
│   └── state.js
│
├── /wwwroot
│   └── index.html <---- Your website goes here
│
└── server-ssl.js

Author: FirstTimeEZ

README.md

@@ -15,28 +15,25 @@ The easiest usage would be to serve a website:
 1. [`Clone`](https://github.com/FirstTimeEZ/server-ssl.git) or [`Download`](https://github.com/FirstTimeEZ/server-ssl/archive/refs/heads/main.zip) the main branch and extract it somewhere
 2. Put your website in the `website` folder
 3. Open the `server-ssl` folder in `Command Prompt` or `Git Bash`
-4. Run `start-windows.bat`
+4. Run `node server-ssl.js`
 5. View your website at `https://localhost`
 
-[![](https://i.imgur.com/w2UUgO4.gif)](https://github.com/FirstTimeEZ/server-ssl/archive/refs/heads/main.zip)
+[![](https://i.imgur.com/VQGGVp0.gif)](https://github.com/FirstTimeEZ/server-ssl/archive/refs/heads/main.zip)
 
 The default page/config is a simple [`API`](https://github.com/FirstTimeEZ/simple-api-router) that serves and displays the `time`
 
 [![](https://i.imgur.com/DEbJVUq.png)](https://github.com/FirstTimeEZ/server-ssl/archive/refs/heads/main.zip)
 
 ### Advanced/Production Usage
 
-`start-windows.bat` takes your arguments and starts the server
+`node server-ssl.js` takes your arguments and starts the server
 
 ```
 # Start for production (Lets Encrypt!) with SAN Extension
-./start-windows.bat --letsEncrypt --domains=['www.ssl.boats','ssl.boats']
-
-# Start for production (BYO)
-./start-windows.bat --cert="your-certificate.pem" --pk="your-private-key.pem"
+node server-ssl.js --letsEncrypt --domains=['www.ssl.boats','ssl.boats']
 ```
 
-[![](https://i.imgur.com/2bMobPI.gif)](https://github.com/FirstTimeEZ/server-ssl/archive/refs/heads/main.zip)
+[![](https://i.imgur.com/XP8pa8a.gif)](https://github.com/FirstTimeEZ/server-ssl/archive/refs/heads/main.zip)
 
 ### Optional Arguments
 
@@ -51,7 +48,6 @@ The default page/config is a simple [`API`](https://github.com/FirstTimeEZ/simpl
 | `--site=`      | The directory for the website files | `"wwwroot"` |
 | `--error=`     | The directory for error messages (404,500) | `"error"` |
 | `--entry=`     | The page to use for the entry point | `"index.html"` |
-| `--skipNodeUpdate` | Do not update `NPM` packages before starting the server | `not present` |
 
 All Arguments are case sensitive.
 
@@ -69,12 +65,9 @@ The certificates will be changed automatically when they are updated, you don't
 | `--domains=` | Domains to generate certificates for, this can not include wild cards, this should be an array. eg. `--domains=['www.ssl.boats','ssl.boats']` |
 | `--generateAnyway` | Certificates should always be generated when the server starts, this could get you rate limited, maybe use `--staging`  |
 | `--staging` | The `Lets Encrypt!` staging server should be used instead of production |
-| `--autoRestart` | Restart the server after cert generation, firing a callback to notify of the restart (not required) |
-
-`start-windows.bat` is required to use `--autoRestart`
 
 ```
-./start-windows.bat --letsEncrypt --domains=['www.ssl.boats','ssl.boats']
+node server-ssl.js --letsEncrypt --domains=['www.ssl.boats','ssl.boats']
 ```
 --------
 
@@ -132,8 +125,7 @@ This layout keeps the project organized and maintainable, separating error handl
 ├── /wwwroot
 │   └── index.html <---- Your website goes here
 │
-├── server-ssl.js            <--- server config
-└── start-windows.bat
+└── server-ssl.js
 ```
 
 --------

package-lock.json

@@ -1,7 +1,7 @@
 {
   "name": "server-ssl",
   "author": "FirstTimeEZ",
-  "version": "35.0.2",
+  "version": "40.0.1",
   "description": "Configurable SSL Server that runs on Node.js which can be used for development or production and can create and renew Lets Encrypt Certificates automatically using ACME",
   "main": "template; do not import; read the Getting Started of the README, maybe you want to use: lets-encrypt-acme-client",
   "type": "module",

package.json

@@ -17,9 +17,11 @@
 
 import { join, extname as _extname } from 'path';
 import { createServer as createServerHTTP } from 'http';
-import { readFile, existsSync, readFileSync } from 'fs';
+import { readFile, existsSync, readFileSync, mkdirSync } from 'fs';
 import { checkChallengesMixin, startLetsEncryptDaemon } from 'lets-encrypt-acme-client';
 import { fetchAndRetryUntilOk } from 'base-acme-client';
+import { execSync } from 'child_process';
+import { platform } from 'os';
 
 /**
 * **SSL-Server** configuration state
@@ -97,12 +99,9 @@ export const STATE = {
             arg.includes("--domains=") && (STATE.optDomains = rightSide);
             arg.includes("--letsEncrypt") && (STATE.optLetsEncrypt = true);
             arg.includes("--generateAnyway") && (STATE.optGenerateAnyway = true);
-            arg.includes("--autoRestart") && (STATE.optAutoRestart = true);
             arg.includes("--staging") && (STATE.optStaging = true);
             // Internal
             arg.includes("--notAfter=") && (STATE.expireDate = rightSide);
-            arg.includes("--arAvailable") && (STATE.isRestartAvailable = true);
-            arg.includes("--ok") && (STATE.override = true);
         });
 
         if (STATE.optLetsEncrypt === true) {
@@ -123,8 +122,26 @@ export const STATE = {
         STATE.expireDate && STATE.timeUntilRenew(STATE.expireDate);
 
         const SSL = join(__rootDir, STATE.SSL, STATE.optStaging ? "staging" : "production");
-        const PK = join(SSL, STATE.optPk);
-        const CERT = join(SSL, STATE.optCert);
+
+        let PK = join(SSL, STATE.optPk);
+        let CERT = join(SSL, STATE.optCert);
+
+        if (!existsSync(PK) || !existsSync(CERT)) {
+            let create_local_cert;
+
+            if (platform() === 'win32') {
+                create_local_cert = '"ssl/openssl/bin/openssl" req -x509 -newkey rsa:2048 -nodes -sha256 -keyout ' + SSL + '/private-key.pem -out ' + SSL + '/certificate.pem -days 365 -subj "/CN=localhost"';
+            }
+            else {
+                // todo: detect if openssl is installed on linux
+                create_local_cert = 'openssl req -x509 -newkey rsa:2048 -nodes -sha256 -keyout ' + SSL + '/private-key.pem -out ' + SSL + '/certificate.pem -days 365 -subj "/CN=localhost"';
+            }
+
+            !existsSync(SSL) && mkdirSync(SSL);
+            execSync(create_local_cert, { stdio: 'inherit' });
+            PK = join(SSL, "private-key.pem");
+            CERT = join(SSL, "certificate.pem");
+        }
 
         !existsSync(PK) && STATE.certNotExist();
         !existsSync(CERT) && STATE.certNotExist();
@@ -153,7 +170,8 @@ export const STATE = {
         console.log("You need to generate or provide an SSL Certificate and Private Key in PEM format");
         console.log("You can use the following command from git bash or run start-windows.bat with no arguments");
         console.log(" ");
-        console.log('openssl req -x509 -newkey rsa:2048 -nodes -sha256 -keyout ssl/private-key.pem -out ssl/certificate.pem -days 365 -subj "//CN=localhost"');
+        console.log('openssl req -x509 -newkey rsa:2048 -nodes -sha256 -keyout ssl/production/private-key.pem -out ssl/production/certificate.pem -days 365 -subj "/CN=localhost"');
+        console.log('openssl req -x509 -newkey rsa:2048 -nodes -sha256 -keyout ssl/staging/private-key.pem -out ssl/staging/certificate.pem -days 365 -subj "/CN=localhost"');
         process.exit(1);
     },
     getErrorPage: (res, err) => {