Automatically Create and Renew LetsEncrypt! SSL Certificates, including Wildcard Certificates for supported DNS Providers
import LetsEncryptDaemon from 'lets-encrypt-acme-client';Create a LetsEncryptDaemon and then start the Daemon
const daemon = new LetsEncryptDaemon();
await daemon.startLetsEncryptDaemon(...); // You can only start this once, it will configure itself to run again.
daemon.checkChallengesMixin(...); // You must check the HTTP-01 Challenges for each LetsEncryptDaemonThis most recent version of this package is implemented in SSL Server
You can use SSL Server to understand how it works if the jsdoc isn't enough information.
| Supported DNS Providers |
|---|
| Cloud Flare |
You can generate Wild Card Certificates if you are using a supported DNS Provider
let dnsProvider = {
name: "Cloud Flare",
token: "apiTokenWithDnsEditPermission",
zone: "zoneId" // optional if it cant be found automatically.
}
DNS Providers are used to complete DNS-01 challenges
LetsEncryptDaemon is the default exported class
const daemon = new LetsEncryptDaemon();The Daemon runs periodically to Create or Renew the Certificate
/**
* Starts the LetsEncrypt! Daemon to Manage a SSL Certificate
*
* @param {Array<string>} fqdns - The fully qualified domain names as a SAN (e.g., ["example.com", "www.example.com"]), You must use a `dnsProvider` if you include a wild card
* @param {string} sslPath - The path where your acme account, keys and generated certificate will be stored or loaded from
* @param {function} certificateCallback - Callback that can be used to update the current certificate or trigger a restart etc.
* @param {boolean} [optGenerateAnyway=false] - (optional) True to generate a new certificate before the recommended time.
* @param {boolean} [optStaging=false] - (optional) True to use staging mode instead of production.
*
* @param {Object} dnsProvider - (optional) credentials for a supported dns provider if you want to use the `DNS-01` Challenge instead of `HTTP-01`
* @example
* const dnsProvider = {
* name: "Cloud Flare",
* token: "dnsEditPermissionApiToken",
* //zone: "zoneId", // if it cant be found automatically
* }
* @note
* If you start this more than once nothing will happen
*/await daemon.startLetsEncryptDaemon(fqdns, sslPath, certificateCallback, optGenerateAnyway = false, optStaging = false, dnsProvider = undefined)HTTP Mixin that completes the HTTP-01 Challenges created by the Daemon
This is not required if you are using a DNS Provider
/**
* Node.js Middleware function to check and respond to ACME HTTP-01 challenges issued by this LetsEncryptDaemon inside the HTTP Server.
*
* @example
* createServerHTTP(async (req, res) => {
* if (STATE.optLetsEncrypt && checkChallengesMixin(req, res)) { return; }
* // normal request redirect etc
* }).listen(80);
*/if (daemon.checkChallengesMixin(req, res)) { return; } // Inside the HTTP ServerThe DNS-01 and HTTP-01 challenges have been implemented