@libp2p/auto-tls

@libp2p/auto-tls

Automatically acquire a .libp2p.direct TLS certificate

About

When a publicly dialable address is detected, use the p2p-forge service at https://registration.libp2p.direct to acquire a valid Let's Encrypt-backed TLS certificate, which the node can then use with the relevant transports.

The node must be configured with a listener for at least one of the following transports:

• TCP or WS or WSS, (along with the Yamux multiplexer and TLS or Noise encryption)
• QUIC-v1
• WebTransport

It also requires the Identify protocol.

Example - Use UPnP to hole punch and auto-upgrade to Secure WebSockets

import { noise } from '@chainsafe/libp2p-noise'
import { yamux } from '@chainsafe/libp2p-yamux'
import { autoTLS } from '@libp2p/auto-tls'
import { identify } from '@libp2p/identify'
import { keychain } from '@libp2p/keychain'
import { webSockets } from '@libp2p/websockets'
import { uPnPNAT } from '@libp2p/upnp-nat'
import { createLibp2p } from 'libp2p'

const node = await createLibp2p({
  addresses: {
    listen: [
      '/ip4/0.0.0.0/tcp/0/ws'
    ]
  },
  transports: [
    webSockets()
  ],
  connectionEncrypters: [
    noise()
  ],
  streamMuxers: [
    yamux()
  ],
  services: {
    autoTLS: autoTLS(),
    identify: identify(),
    keychain: keychain(),
    upnp: uPnPNAT()
  }
})

// ...time passes

console.info(node.getMultiaddrs())
// includes public WSS address:
// [ '/ip4/123.123.123.123/tcp/12345/wss ]

Install

$ npm i @libp2p/auto-tls

API Docs

• https://libp2p.github.io/js-libp2p/modules/_libp2p_auto_tls.html

License

Licensed under either of

• Apache 2.0, (LICENSE-APACHE / http://www.apache.org/licenses/LICENSE-2.0)
• MIT (LICENSE-MIT / http://opensource.org/licenses/MIT)

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.