npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

acme-http-01-test

v3.1.3

Published

ACME http-01 tests for Let's Encrypt integration. Any `acme-http-01-` plugin should be able to pass these tests.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

coolaj86coolaj86

Keywords

Let's EncryptACMEhttp-01challengepluginmodulestrategygreenlock

Readme

acme-http-01-test | a Root project

An ACME https-01 test harness for Let's Encrypt integrations.

This was specificially designed for ACME.js and Greenlock.js, but will be generically useful to any ACME module.

Passing the tests is very easy. There are just three functions to implement:

  • set() - set a TXT record in a zone (i.e. _acme-challenge.foo in example.com)
  • get() - confirm that the record was set
  • remove() - clean up after the ACME challenge passes

The http-01 tests account for single-domain certificates (example.com). If you need multiple domain certs (SAN / AltName), wildcards (*.example.com), or valid private / localhost certificates, you'll need acme-dns-01-test.js instead.

Node v6 Support: Please build community plugins using node v6 / vanillajs to ensure that all acme.js and greenlock.js users are fully supported.

Install

npm install --save-dev [email protected]

Usage

var tester = require('acme-http-01-test');

//var challenger = require('acme-http-01-cli').create({});
var challenger = require('./YOUR-CHALLENGE-STRATEGY').create({
  YOUR_TOKEN_OPTION: 'SOME_API_KEY'
});

// The dry-run tests can pass on, literally, 'example.com'
// but the integration tests require that you have control over the domain
var record = 'foo.example.com';

tester.testRecord('http-01', record, challenger).then(function() {
  console.info('PASS');
});

Note: If the service you are testing only handles multiple records within a single zone, you should use testZone instead:

var zone = 'example.co.uk';

tester.testZone('http-01', zone, challenger).then(function() {
  console.info('PASS');
});

Reference Implementations

These are plugins that use the v2.7+ (v3) API, and pass this test harness, which you should use as a model for any plugins that you create.

You can find other implementations by searching npm for acme-http-01- and acme-dns-01-.

If you are building a plugin, please let us know. We may like to co-author and help maintain and promote your module.

Example

See example.js (it works).

Starter Template

Here's what you could start with.

var tester = require('acme-http-01-test');

// The dry-run tests can pass on, literally, 'example.com'
// but the integration tests require that you have control over the domain
var record = 'example.com';

tester
  .testRecord('http-01', record, {
    // Should make the token url return the key authorization
    // i.e. GET http://example.com/.well-known/acme-challenge/xxxx => xxxx.yyyy
    set: function(opts) {
      console.log('set opts:', opts);
      throw new Error('set not implemented');
    },

    // Should remove the previously set token file (just the one)
    remove: function(opts) {
      console.log('remove opts:', opts);
      throw new Error('remove not implemented');
    },

    // Should get the token file via the hosting service API
    get: function(opts) {
      console.log('get opts:', opts);
      throw new Error('get not implemented');
    }
  })
  .then(function() {
    console.info('PASS');
  });

http-01 vs dns-01

For type http-01:

// `altname` is the name of the domain
// `token` is the name of the file ( .well-known/acme-challenge/`token` )
// `keyAuthorization` is the contents of the file

For type dns-01:

// `dnsHost` is the domain/subdomain/host
// `dnsAuthorization` is the value of the TXT record

See acme-dns-01-test.js.

Detailed Overview

Here's a quick pseudo stub-out of what a test-passing plugin object might look like:

tester
  .testRecord('http-01', 'foo.example.com', {
    set: function(opts) {
      var ch = opts.challenge;
      // { type: 'http-01'
      // , identifier: { type: 'dns', value: 'foo.example.com' }
      // , token: 'xxxx'
      // , keyAuthorization: 'xxxx.yyyy' }

      return YourApi('POST', 'https://examplehost.com/api/sites/', {
        site: ch.identifier.value,
        filename: new URL(ch.url).pathname,
        contents: ch.keyAuthorization
      });
    },

    get: function(query) {
      var ch = query.challenge;
      // { type: 'http-01'
      // , identifier: { type: 'dns', value: 'foo.example.com' }
      // , token: 'xxxx'
      // , url: '...' }
      // Note: query.identifier.value is different for http-01 than for dns-01

      return YourApi(
        'GET',
        'https://examplehost.com/api/sites/' +
          ch.indentifier.value +
          '/' +
          new URL(ch.url).pathname
      ).then(function(secret) {
        // http-01
        return { keyAuthorization: secret };
      });
    },

    remove: function(opts) {
      var ch = opts.challenge;
      // same options as in `set()` (which are not the same as `get()`

      return YourApi(
        'DELETE',
        'https://examplehost.com/api/sites/' +
          ch.indentifier.value +
          '/' +
          new URL(ch.url).pathname
      );
    }
  })
  .then(function() {
    console.info('PASS');
  });

Where YourApi might look something like this:

var YourApi = function createApi(config) {
  var request = require('@root/request');
  request = require('util').promisify(request);

  return function(method, url, body) {
    return request({
      method: method,
      url: url,
      json: body || true,
      headers: {
        Authorization: 'Bearer ' + config.apiToken
      }
    }).then(function(resp) {
      return resp.body;
    });
  };
};

Two notes:

Note 1:

The API.get(), API.set(), and API.remove() is where you do your magic up to upload a file to the correct location on an http serever or add the appropriate data to the database that handles such things.

Note 2:

You can't do wildcards with http-01 challenges.