Greenlock™ for Koa
An Automated HTTPS ACME client (Let's Encrypt v2) for Koa
Greenlock™ for Browsers, Node.js, Commandline, Express.js, Node.js Cluster, hapi, Koa, and rill | Sponsered by ppl
Features
- Automatic Registration via SNI (
httpsOptions.SNICallback
) - Secure domain approval callback
- Automatic renewal between 10 and 14 days before expiration
- Virtual Hosting (vhost) with Multiple Domains & SAN
- and more
- plugins for AWS, redis, and more
This module is just an alias for greenlock-express.js, which works with any middleware system.
Install
npm install --save greenlock-koa@2.x
QuickStart
'use strict'; //////////////////////// Greenlock Setup //////////////////////// var greenlock = ; //////////////////// Just add Koa //////////////////// var http = ;var https = ;var koa = ;var app = ; app; // https servervar server = https; server; // http redirect to httpsvar http = ;var redirectHttps = app;http;
Handling a dynamic list of domains
If you handle multiple domains and you dynamically add new ones,
you'll want to replace the static list of domains in approveDomains
with a function like this:
{ // This is where you check your database and associated // email addresses with domains and agreements and such // The domains being approved for the first time are listed in opts.domains // Certs being renewed are listed in certs.altnames if certs optsdomains = certsaltnames; else // Do something to optsemail = 'john.doe@example.com'; optsagreeTos = true; optscommunityMember = true; // NOTE: you can also change other options such as `challengeType` and `challenge` // opts.challengeType = 'http-01'; // opts.challenge = require('le-challenge-fs').create({}); ;}
SECURITY: Be careful with this. If you don't check that the domains being requested are the domains you allow an attacker can make you hit your rate limit for failed verification attempts.
See the vhost example for an idea of how this is done.