70 lines
1.7 KiB
JavaScript
70 lines
1.7 KiB
JavaScript
// That will fail unless you have a webserver running on 80 and 443 (or 5001)
|
|
// to respond to `/.well-known/acme-challenge/xxxxxxxx` with the proper token
|
|
'use strict';
|
|
|
|
module.exports.init = function (deps) {
|
|
var tls = require('tls');
|
|
var https = require('https');
|
|
var http = require('http');
|
|
|
|
|
|
var LeCore = deps.LeCore;
|
|
var httpsOptions = deps.httpsOptions;
|
|
var challengeStore = deps.challengeStore;
|
|
var certStore = deps.certStore;
|
|
|
|
|
|
//
|
|
// Challenge Handler
|
|
//
|
|
function acmeResponder(req, res) {
|
|
if (0 !== req.url.indexOf(LeCore.acmeChallengePrefix)) {
|
|
res.end('Hello World!');
|
|
return;
|
|
}
|
|
|
|
var key = req.url.slice(LeCore.acmeChallengePrefix.length);
|
|
|
|
challengeStore.get(req.hostname, key, function (err, val) {
|
|
res.end(val || 'Error');
|
|
});
|
|
}
|
|
|
|
|
|
//
|
|
// SNI Cert Handler
|
|
//
|
|
function certGetter(hostname, cb) {
|
|
certStore.get(hostname, function (err, certs) {
|
|
if (!certs) {
|
|
cb(null, null);
|
|
return;
|
|
}
|
|
|
|
// Note: you should cache this context in memory
|
|
// so that you aren't creating a new one every time
|
|
var context = tls.createSecureContext({
|
|
cert: certs.cert
|
|
, key: certs.key
|
|
});
|
|
|
|
cb(null, context);
|
|
});
|
|
}
|
|
|
|
|
|
//
|
|
// Server
|
|
//
|
|
httpsOptions.SNICallback = certGetter;
|
|
https.createServer(httpsOptions, acmeResponder).listen(443, function () {
|
|
console.log('Listening https on', this.address());
|
|
});
|
|
https.createServer(httpsOptions, acmeResponder).listen(5001, function () {
|
|
console.log('Listening https on', this.address());
|
|
});
|
|
http.createServer().listen(80, function () {
|
|
console.log('Listening http on', this.address());
|
|
});
|
|
};
|