npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@vladmandic/piacme

v1.0.3

Published

Simple ACME/LetsEncrypt HTTP/SSL Certificate Management

Downloads

37

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

vladmandicvladmandic

Keywords

x509csrcertificateacmeletsencryptsslhttpshttp2

Readme

PiACME: Simple ACME/LetsEncrypt HTTP/SSL Certificate Management

Why

Because out of all of the existing modules, I couldn't find one that does what I needed and doesn't carry large number of unnecessary dependencies.
This module is written in pure JavaScript ECMAScript 6 (ES6) and requires only several low-level crypto management dependencies.

Usage

Initialize PiACME by passing a configuration object:

  const config = {
    // website or application signature, can be any string
    application: 'example/0.0.1',
    // list of domains for which we're getting a certificate for
    /// same certificate can be used for multiple domain
    // must be resolvable and reachable over internet for validation
    // before certificate can be issued.
    domains: ['example1.com', 'example2.com'],
    // email of the person responsible for the site for which we're getting certificate for
    maintainer: '[email protected]',
    // email of the person that will be registered with LetsEncrypt, can be the same as maintainer
    subscriber: '[email protected]',
    // file where account info will be stored once account is created
    accountFile: './cert/account.json',
    // file where account secret will be stored once account is created
    accountKeyFile: './cert/account.pem',
    // file where server private key will be stored
    ServerKeyFile: './cert//private.pem',
    // file where server certificate will be stored
    fullChain: './cert/fullchain.pem',
    // attempt renewal how many days before expiration, default: 10 days
    renewDays: 14,
    // how often to check certificate validity in minutes, default: 720 (12 hours)
    monitorInterval: 60 * 12,
    // increase verbosity, default: false
    debug: false,
  };

  const piacme = require('piacme');
  piacme.init(config);
  const { Key, Crt } = await piacme.getCert();

That's it!
Account registration, server key creation, certificate issuance, taget validation, and certificate renwal - are all handled automatically. Now you can use server key and certificate.
For example to start a secure http2 server:

  const http2 = require('http2');
  const fs = require('fs');
  const options = {
    key = fs.readFileSync(Key);
    cert = fs.readFileSync(Crt);
  };
  const server = http2.createSecureServer(options);
  server.listen(443);

Or https server:

  const http2 = require('https');
  const fs = require('fs');
  const options = {
    key = fs.readFileSync(Key);
    cert = fs.readFileSync(Crt);
  };
  const server = https.createServer(options);
  server.listen(443);

Internal workflow

All functions use same object passed during init() call. Core function is getCert() and it will either return existing valid certificate, issue a new one or trigger a certificate renewal.

Internally, it calls checkCert() to verify if server key and certificate specified in config object already exists and are valid.
If yes, it will just return those objects: config.ServerKeyFile and config.fullChain.
If not, if calls:

  • createKeys()
    Which is used only once per server lifetime.
    It initialize LetsEncrypt account using maintainer info and generate server private key.
  • createCert()
    Which is used to genrates new certificate if one doesn't exist or is about to expire.
    Interally it temporarily starts a http server on port 80 to listen for LetsEncrypt validation callbacks and then shuts down the server.

Next, it calls parseCert() and parses cetificate details for validity before returning server key and certificate.

Optional

To monitor certificate, call monitorCert() which updates object initially passed using init() call by triggering getCert() every 12 hours.
Usefull for certfificates with short lifespan that require freqent renewals.

piacme.monitorCert();`

or with a provided callback function that monitorCert() will call if certificate changes.

  function f() { /* do something here */ };
  piacme.monitorCert(f)

To get certificate details, call parseCert() and it will parse certificate from the initial object used during init() call.

  • contact and subject are values provided during certificate creation
  • error in all cases is optional property and will be set if case of an error.
  • issuer will always be LetsEncrypt authority.
  • createdAt, notBefore and notAfter are date objects specifying certificate issue date and validity (start and end date).
  const ssl = await piacme.parseCert();
  ssl: {
    account: { error?, contact, createdAt },
    serverKey: { error? },
    accountKey: { error? },
    fullChain: { error?, subject, issuer, notBefore, notAfter }
  }