96 lines
		
	
	
		
			2.2 KiB
		
	
	
	
		
			JavaScript
		
	
	
	
	
	
			
		
		
	
	
			96 lines
		
	
	
		
			2.2 KiB
		
	
	
	
		
			JavaScript
		
	
	
	
	
	
| var accountKeypair = await Keypairs.generate({ kty: accKty });
 | |
| if (config.debug) {
 | |
| 	console.info('Account Key Created');
 | |
| 	console.info(JSON.stringify(accountKeypair, null, 2));
 | |
| 	console.info();
 | |
| 	console.info();
 | |
| }
 | |
| 
 | |
| var account = await acme.accounts.create({
 | |
| 	agreeToTerms: agree,
 | |
| 	// TODO detect jwk/pem/der?
 | |
| 	accountKeypair: { privateKeyJwk: accountKeypair.private },
 | |
| 	subscriberEmail: config.email
 | |
| });
 | |
| 
 | |
| // TODO top-level agree
 | |
| function agree(tos) {
 | |
| 	if (config.debug) {
 | |
| 		console.info('Agreeing to Terms of Service:');
 | |
| 		console.info(tos);
 | |
| 		console.info();
 | |
| 		console.info();
 | |
| 	}
 | |
| 	agreed = true;
 | |
| 	return Promise.resolve(tos);
 | |
| }
 | |
| if (config.debug) {
 | |
| 	console.info('New Subscriber Account');
 | |
| 	console.info(JSON.stringify(account, null, 2));
 | |
| 	console.info();
 | |
| 	console.info();
 | |
| }
 | |
| if (!agreed) {
 | |
| 	throw new Error('Failed to ask the user to agree to terms');
 | |
| }
 | |
| 
 | |
| var certKeypair = await Keypairs.generate({ kty: srvKty });
 | |
| var pem = await Keypairs.export({
 | |
| 	jwk: certKeypair.private,
 | |
| 	encoding: 'pem'
 | |
| });
 | |
| if (config.debug) {
 | |
| 	console.info('Server Key Created');
 | |
| 	console.info('privkey.jwk.json');
 | |
| 	console.info(JSON.stringify(certKeypair, null, 2));
 | |
| 	// This should be saved as `privkey.pem`
 | |
| 	console.info();
 | |
| 	console.info('privkey.' + srvKty.toLowerCase() + '.pem:');
 | |
| 	console.info(pem);
 | |
| 	console.info();
 | |
| }
 | |
| 
 | |
| // 'subject' should be first in list
 | |
| var domains = randomDomains(rnd);
 | |
| if (config.debug) {
 | |
| 	console.info('Get certificates for random domains:');
 | |
| 	console.info(
 | |
| 		domains
 | |
| 			.map(function(puny) {
 | |
| 				var uni = punycode.toUnicode(puny);
 | |
| 				if (puny !== uni) {
 | |
| 					return puny + ' (' + uni + ')';
 | |
| 				}
 | |
| 				return puny;
 | |
| 			})
 | |
| 			.join('\n')
 | |
| 	);
 | |
| 	console.info();
 | |
| }
 | |
| 
 | |
| // Create CSR
 | |
| var csrDer = await CSR.csr({
 | |
| 	jwk: certKeypair.private,
 | |
| 	domains: domains,
 | |
| 	encoding: 'der'
 | |
| });
 | |
| var csr = Enc.bufToUrlBase64(csrDer);
 | |
| var csrPem = PEM.packBlock({
 | |
| 	type: 'CERTIFICATE REQUEST',
 | |
| 	bytes: csrDer /* { jwk: jwk, domains: opts.domains } */
 | |
| });
 | |
| if (config.debug) {
 | |
| 	console.info('Certificate Signing Request');
 | |
| 	console.info(csrPem);
 | |
| 	console.info();
 | |
| }
 | |
| 
 | |
| var results = await acme.certificates.create({
 | |
| 	account: account,
 | |
| 	accountKeypair: { privateKeyJwk: accountKeypair.private },
 | |
| 	csr: csr,
 | |
| 	domains: domains,
 | |
| 	challenges: challenges, // must be implemented
 | |
| 	customerEmail: null
 | |
| });
 |