acme-dns-01-cli.js/README.md

# le-challenge-dns

| A [Root](https://rootprojects.org) Project
| [greenlock.js](https://git.coolaj86.com/coolaj86/greenlock.js) (library)
| [greenlock-express.js](https://git.coolaj86.com/coolaj86/greenlock-express.js)
| [greenlock-cli.js](https://git.coolaj86.com/coolaj86/greenlock-cli.js)
| [acme-v2.js](https://git.coolaj86.com/coolaj86/acme-v2.js)
|

A manual (interactive CLI) dns-based strategy for greenlock.js for setting, retrieving,
and clearing ACME DNS-01 challenges issued by the ACME server

Prints out a subdomain record for `_acme-challenge` with `keyAuthDigest`
to be tested by the ACME server.

You can then update your DNS manually by whichever method you use and then
press [enter] to continue the process.

```
_acme-challenge.example.com   TXT   xxxxxxxxxxxxxxxx    TTL 60
```

## Install

```bash
npm install --save le-challenge-dns@3.x
```

If you have `greenlock@v2.6` or lower, you'll need the old `le-challenge-dns@3.x` instead.

## Usage

The challenge can be set globally like this:

```js
var leChallengeDns = require('le-challenge-dns').create({
  debug: false
});

var Greenlock = require('greenlock');

Greenlock.create({
  ...
, challenges: {
    'dns-01': leChallengeDns
  }
, approveDomains: [ 'example.com', '*.example.com' ]
});
```

In can also be set in the `approveDomains` callback instead, like this:

```js
function approveDomains(opts, certs, cb) {
  ...
  opts.subject = 'example.com'
  opts.domains = [ 'example.com', '*.example.com' ];

  cb(null, { options: opts, certs: certs });
}
```

If you didn't make the dns challenge globally available in the main greenlock config,
you can make it locally available here:

```js
function approveDomains(opts, certs, cb) {
  ...

  if (!opts.challenges) { opts.challenges = {}; }
  opts.challenges['dns-01'] = leChallengeDns;
  opts.challenges['http-01'] = ...

  cb(null, { options: opts, certs: certs });
}
```

NOTE: If you request a certificate with 6 domains listed,
it will require 6 individual challenges.

## Exposed Methods

For ACME Challenge:

* `set(opts, done)`
* `remove(opts, done)`

The options object has whatever options were set in `approveDomains()` as well as the `challenge`:

```js
{ challenge: {
    identifier: { type: 'dns', value: 'example.com'
  , wildcard: true
  , altname: '*.example.com'
  , type: 'dns-01'
  , token: 'xxxxxx'
  , keyAuthorization: 'xxxxxx.abc123'
  , dnsHost: '_acme-challenge.example.com'
  , dnsAuthorization: 'abc123'
  , expires: '1970-01-01T00:00:00Z'
  }
}
```

Note: There's no `get()` because it's the DNS server, not the Greenlock server, that answers the requests.
(though I suppose you could implement it if you happen to run your DNS and webserver together... kinda weird though)

For greenlock.js internals:

* `options` stores the internal defaults merged with the user-supplied options
v3.0.0: update for greenlock v2.7+ 2019-04-02 20:59:11 -06:00			`# le-challenge-dns`
initial commit 2016-10-14 13:39:54 -06:00
update link 2019-04-02 05:34:35 +00:00			`\| A [Root](https://rootprojects.org) Project`
restore latest from npm 2018-05-01 14:14:15 -06:00			`\| [greenlock.js](https://git.coolaj86.com/coolaj86/greenlock.js) (library)`
			`\| [greenlock-express.js](https://git.coolaj86.com/coolaj86/greenlock-express.js)`
			`\| [greenlock-cli.js](https://git.coolaj86.com/coolaj86/greenlock-cli.js)`
			`\| [acme-v2.js](https://git.coolaj86.com/coolaj86/acme-v2.js)`
			`\|`

update docs 2018-05-12 19:22:09 -06:00			`A manual (interactive CLI) dns-based strategy for greenlock.js for setting, retrieving,`
initial commit 2016-10-14 13:39:54 -06:00			`and clearing ACME DNS-01 challenges issued by the ACME server`

			Prints out a subdomain record for `_acme-challenge` with `keyAuthDigest`
			`to be tested by the ACME server.`

			`You can then update your DNS manually by whichever method you use and then`
			`press [enter] to continue the process.`

			```
			`_acme-challenge.example.com TXT xxxxxxxxxxxxxxxx TTL 60`
			```

v3.0.0: update for greenlock v2.7+ 2019-04-02 20:59:11 -06:00			`## Install`
initial commit 2016-10-14 13:39:54 -06:00
			```bash
v3.0.0: update for greenlock v2.7+ 2019-04-02 20:59:11 -06:00			`npm install --save le-challenge-dns@3.x`
initial commit 2016-10-14 13:39:54 -06:00			```

v3.0.0: update for greenlock v2.7+ 2019-04-02 20:59:11 -06:00			If you have `greenlock@v2.6` or lower, you'll need the old `le-challenge-dns@3.x` instead.

			`## Usage`
initial commit 2016-10-14 13:39:54 -06:00
update docs 2018-05-12 19:22:09 -06:00			`The challenge can be set globally like this:`

v3.0.0: update for greenlock v2.7+ 2019-04-02 20:59:11 -06:00			```js
initial commit 2016-10-14 13:39:54 -06:00			`var leChallengeDns = require('le-challenge-dns').create({`
			`debug: false`
			`});`

update docs 2018-05-12 19:22:09 -06:00			`var Greenlock = require('greenlock');`
initial commit 2016-10-14 13:39:54 -06:00
update docs 2018-05-12 19:22:09 -06:00			`Greenlock.create({`
v3.0.0: update for greenlock v2.7+ 2019-04-02 20:59:11 -06:00			`...`
initial commit 2016-10-14 13:39:54 -06:00			`, challenges: {`
			`'dns-01': leChallengeDns`
			`}`
v3.0.0: update for greenlock v2.7+ 2019-04-02 20:59:11 -06:00			`, approveDomains: [ 'example.com', '*.example.com' ]`
initial commit 2016-10-14 13:39:54 -06:00			`});`
			```

update docs 2018-05-12 19:22:09 -06:00			In can also be set in the `approveDomains` callback instead, like this:

v3.0.0: update for greenlock v2.7+ 2019-04-02 20:59:11 -06:00			```js
			`function approveDomains(opts, certs, cb) {`
			`...`
			`opts.subject = 'example.com'`
			`opts.domains = [ 'example.com', '*.example.com' ];`

			`cb(null, { options: opts, certs: certs });`
			`}`
update docs 2018-05-12 19:22:09 -06:00			```
v3.0.0: update for greenlock v2.7+ 2019-04-02 20:59:11 -06:00
			`If you didn't make the dns challenge globally available in the main greenlock config,`
			`you can make it locally available here:`

			```js
update docs 2018-05-12 19:22:09 -06:00			`function approveDomains(opts, certs, cb) {`
			`...`
v3.0.0: update for greenlock v2.7+ 2019-04-02 20:59:11 -06:00
			`if (!opts.challenges) { opts.challenges = {}; }`
			`opts.challenges['dns-01'] = leChallengeDns;`
			`opts.challenges['http-01'] = ...`

update docs 2018-05-12 19:22:09 -06:00			`cb(null, { options: opts, certs: certs });`
			`}`
			```

initial commit 2016-10-14 13:39:54 -06:00			`NOTE: If you request a certificate with 6 domains listed,`
			`it will require 6 individual challenges.`

v3.0.0: update for greenlock v2.7+ 2019-04-02 20:59:11 -06:00			`## Exposed Methods`
initial commit 2016-10-14 13:39:54 -06:00
			`For ACME Challenge:`

v3.0.0: update for greenlock v2.7+ 2019-04-02 20:59:11 -06:00			* `set(opts, done)`
			* `remove(opts, done)`

			The options object has whatever options were set in `approveDomains()` as well as the `challenge`:

			```js
			`{ challenge: {`
			`identifier: { type: 'dns', value: 'example.com'`
			`, wildcard: true`
			`, altname: '*.example.com'`
			`, type: 'dns-01'`
			`, token: 'xxxxxx'`
			`, keyAuthorization: 'xxxxxx.abc123'`
			`, dnsHost: '_acme-challenge.example.com'`
			`, dnsAuthorization: 'abc123'`
			`, expires: '1970-01-01T00:00:00Z'`
			`}`
			`}`
			```
initial commit 2016-10-14 13:39:54 -06:00
v3.0.0: update for greenlock v2.7+ 2019-04-02 20:59:11 -06:00			Note: There's no `get()` because it's the DNS server, not the Greenlock server, that answers the requests.
			`(though I suppose you could implement it if you happen to run your DNS and webserver together... kinda weird though)`
initial commit 2016-10-14 13:39:54 -06:00
update docs 2018-05-12 19:22:09 -06:00			`For greenlock.js internals:`
initial commit 2016-10-14 13:39:54 -06:00
v3.0.0: update for greenlock v2.7+ 2019-04-02 20:59:11 -06:00			* `options` stores the internal defaults merged with the user-supplied options