npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@dadi/ssl

v1.1.2

Published

Autonomous SSL certificate generation in support of SSL-first approach.

Downloads

17

Readme

DADI SSL

Automated SSL certificate generation for the DADI Stack.

npm (scoped) coverage Build Status semantic-release JavaScript Style Guide

Overview

DADI SSL is a lightweight fully automated totally free SSL generation service that fits seemlessly into the DADI suite of microservices, as all major routing modules including restify and express.

It uses the letsencrypt certificate authority to register, create and automatically update multi-domain SSL certificates for use on single-server instances of your application.

It is recommended that load balanced services should apply certificates as part of the security policy, which is usually free.

Getting started

  1. Install the @dadi/ssl module:
npm install @dadi/ssl --save
  1. Add the library to your project file:
const SSL = require('@dadi/ssl')
  1. Add preferences:

// Example: select a domain and location to store certificates.
const ssl = new SSL()
  .useDomains(['somedomain.com'])
  .storeIn('/data/app/dadi-ssl/certs', true)
  .registerTo('[email protected]')
  .secureServerRestart(serverRestartFunction)
  .useListeningServer(listeningServer)
  .start()
  1. Using with your server
// Example

// Specify domain(s), a directory and a registration address.
const ssl = new SSL()
  .useDomains(['somedomain.com'])
  .storeIn('/data/app/dadi-ssl/certs', true)
  .registerTo('[email protected]')

// Start listening server on port 80.
const listeningServer = restify.createServer({
  port: 80
})

// Start secure server on port 443, with key and certificate files.
const server = restify.createServer({
  port: 443,
  key: ssl.getKey(),
  certificate: ssl.getCertificate()
})

// Add your servers and start the process.
ssl
  .secureServerRestart(serverRestartFunction)
  .useListeningServer(listeningServer)
  .start()

Required settings

.useDomains(domains)

Select the domains to register. Must be an array.

// Example
.useDomains(['foo.somedomain.com', 'bar.somedomain.com', 'somedomain.com'])

.registerTo(email)

Set the email address for the certificate registration.

// Example
.registerTo('[email protected]')

.secureServerRestart(serverRestartFunction)

Pass a server restart method to be called after successful certificate generation.

// Example
.secureServerRestart(restartFunction)

.useListeningServer(listeningServer)

A listening server running on port 80 allows the service to perform the necessary challenge requests.

// Example
.useListeningServer(listeningServer)

Optional settings

.storeIn(domains)

Select a directory to store certificate, and whether to force creation if the directory doesn't exist.

// Example
.storeIn('/data/app/dadi-ssl/certs', true)

.autoRenew(autoRenew)

Whether to auto renew certificates two days before expiry.

Default: true

// Example
.autoRenew(true)

.byteLength(length)

Bytelength of certificate. Can be between 512 and 4096. Higher = more secure, but slower to generate. Certificates with 2048 are assumed to be uncompromisable until the year 2030.

Default: 2048

// Example
.byteLength(4096)

.useEnvironment(environment)

Select which letsencrypt environment to use. Can be useful when debugging or avoiding usage limits (20/day).

Options: production, staging

// Example
.useEnvironment('staging')

Terminators

.start()

Initialises the process of creating certificates.

// Example
new SSL()
  .useDomains(['somedomain.com'])
  .registerTo('[email protected]')
  .secureServerRestart(serverRestartFunction)
  .useListeningServer(listeningServer)
  .start()

.getKey()

Get contents of the key file (domain.key). Useful for the key attribute of your server options.

const ssl = new SSL()

ssl.getKey()

.getCertificate()

Get contents of the certificate chain file (chained.pem). Useful for the certificate attribute of your server options.

const ssl = new SSL()

ssl.getCertificate()

Limitation

Letsencrypt will allow a maximum of 20 requests per domain, per day.

Generation of certificates requests a response directly to the server that made the request which can't be guarenteed when using a load balancer.