| Built by Root for Hub
Free SSL, Automated HTTPS / HTTP2, served with Node via Express, Koa, hapi, etc.
require("greenlock-express")
.init(getConfig)
.serve(worker);
function getConfig() {
return {
package: require("./package.json")
};
}
function worker(server) {
server.serveApp(function(req, res) {
res.end("Hello, Encrypted World!");
});
}
Let's Encrypt for...
- IoT
- Enterprise On-Prem
- Local Development
- Home Servers
- Quitting Heroku
Features
Plenty of Examples
Easy to Customize
QuickStart Guide
Easy as 1, 2, 3... 4
1. Create a node project
Create an empty node project.
Be sure to fill out the package name, version, and an author email.
mkdir ~/my-project
pushd ~/my-project
npm init
2. Create an http app (i.e. express)
This example is shown with Express, but any node app will doGreenlock
works with everything.
(or any node-style http app)
my-express-app.js
:
"use strict";
function myPlainNodeHttpApp(req, res) {
res.end("Hello, Encrypted World!");
}
var express = require("express");
var app = express();
app.get("/", myPlainNodeHttpApp);
module.exports = app;
3. Serve with Greenlock Express
Greenlock Express is designed with these goals in mind:
- Simplicity and ease-of-use
- Performance and scalability
- Configurability and control
You can start with near-zero configuration and
slowly add options for greater performance and customization
later, if you need them.
server.js
:
require("greenlock-express")
.init(getConfig)
.serve(worker);
function getConfig() {
return {
// uses name and version as part of the ACME client user-agent
// uses author as the contact for support notices
package: require("./package.json")
};
}
function worker(server) {
// Works with any Node app (Express, etc)
var app = require('my-express-app.js');
server.serveApp(app);
}
And start your server:
sudo setcap 'cap_net_bind_service=+ep' $(which node)
npm start
Greenlock v3.0.0
Greenlock Manager Config File: ~/.config/greenlock/manager.json
Greenlock Storage Directory: ~/.config/greenlock/
Listening on 0.0.0.0:80 for ACME challenges and HTTPS redirects
Listening on 0.0.0.0:443 for secure traffic
4. Manage domains
Management can be done via the CLI or the JavaScript API.
Since this is the QuickStart, we'll demo the CLI:
You need to create a Let's Encrypt subscriber account, which can be done globally, or per-site.
All individuals, and most businesses, should set this globally:
npx greenlock config --subscriber-email 'mycompany@example.com' --agree-to-terms true
A Let's Encrypt SSL certificate has a "Subject" (Primary Domain) and up to 100 "Alternative Names"
(of which the first must be the subject).
npx greenlock add --subject example.com --altnames example.com,www.example.com
This will update the config file (assuming the default fs-based management plugin):
~/.config/greenlock/manager.json
:
{
"subscriberEmail": "letsencrypt-test@therootcompany.com",
"agreeToTerms": true,
"sites": {
"example.com": {
"subject": "example.com",
"altnames": ["example.com", "www.example.com"]
}
}
}
Note: Localhost, Wildcard, and Certificates for Private Networks require
DNS validation.
Full Documentation
Most of the documentation is done by use-case examples, as shown up at the top of the README.
We're working on more comprehensive documentation for this newly released version.
Please open an issue with questions in the meantime.
Commercial Support
Do you need...
- training?
- specific features?
- different integrations?
- bugfixes, on your timeline?
- custom code, built by experts?
- commercial support and licensing?
You're welcome to contact us in regards to IoT, On-Prem,
Enterprise, and Internal installations, integrations, and deployments.
We have both commercial support and commercial licensing available.
We also offer consulting for all-things-ACME and Let's Encrypt.
Legal & Rules of the Road
Greenlock™ is a trademark of AJ ONeal
The rule of thumb is "attribute, but don't confuse". For example:
Built with Greenlock Express (a Root project).
Please contact us if you have any questions in regards to our trademark,
attribution, and/or visible source policies. We want to build great software and a great community.
Greenlock™ |
MPL-2.0 |
Terms of Use |
Privacy Policy