acme-client - npm Package Compare versions

20

package.json

		@@ -5,3 +5,3 @@ {
		"author": "nmorsman",
		"version": "5.3.0",
		"version": "5.3.1",
		"main": "src/index.js",
		@@ -19,5 +19,5 @@ "types": "types/index.d.ts",
		"dependencies": {
		"@peculiar/x509": "^1.9.7",
		"@peculiar/x509": "^1.10.0",
		"asn1js": "^3.0.5",
		"axios": "^1.6.5",
		"axios": "^1.7.2",
		"debug": "^4.1.1",
		@@ -27,12 +27,12 @@ "node-forge": "^1.3.1"
		"devDependencies": {
		"@types/node": "^20.11.5",
		"@types/node": "^20.12.12",
		"chai": "^4.4.1",
		"chai-as-promised": "^7.1.1",
		"eslint": "^8.56.0",
		"chai-as-promised": "^7.1.2",
		"eslint": "^8.57.0",
		"eslint-config-airbnb-base": "^15.0.0",
		"eslint-plugin-import": "^2.29.1",
		"jsdoc-to-markdown": "^8.0.0",
		"mocha": "^10.2.0",
		"nock": "^13.5.0",
		"tsd": "^0.30.4"
		"jsdoc-to-markdown": "^8.0.1",
		"mocha": "^10.4.0",
		"nock": "^13.5.4",
		"tsd": "^0.31.0"
		},
		@@ -39,0 +39,0 @@ "scripts": {

39

README.md

		@@ -12,9 +12,9 @@ # acme-client [![test](https://github.com/publishlab/node-acme-client/actions/workflows/tests.yml/badge.svg)](https://github.com/publishlab/node-acme-client/actions/workflows/tests.yml)

		\| acme-client \| Node.js \| \|
		\| ------------- \| --------- \| ----------------------------------------- \|
		\| v5.x \| >= v16 \| [Upgrade guide](docs/upgrade-v5.md) \|
		\| v4.x \| >= v10 \| [Changelog](CHANGELOG.md#v400-2020-05-29) \|
		\| v3.x \| >= v8 \| [Changelog](CHANGELOG.md#v300-2019-07-13) \|
		\| v2.x \| >= v4 \| [Changelog](CHANGELOG.md#v200-2018-04-02) \|
		\| v1.x \| >= v4 \| [Changelog](CHANGELOG.md#v100-2017-10-20) \|
		\| acme-client \| Node.js \| \|
		\| ----------- \| ------- \| ----------------------------------------- \|
		\| v5.x \| >= v16 \| [Upgrade guide](docs/upgrade-v5.md) \|
		\| v4.x \| >= v10 \| [Changelog](CHANGELOG.md#v400-2020-05-29) \|
		\| v3.x \| >= v8 \| [Changelog](CHANGELOG.md#v300-2019-07-13) \|
		\| v2.x \| >= v4 \| [Changelog](CHANGELOG.md#v200-2018-04-02) \|
		\| v1.x \| >= v4 \| [Changelog](CHANGELOG.md#v100-2017-10-20) \|

		@@ -53,3 +53,3 @@ ## Table of contents
		directoryUrl: acme.directory.letsencrypt.staging,
		accountKey: accountPrivateKey
		accountKey: accountPrivateKey,
		});
		@@ -80,4 +80,4 @@ ```
		kid: 'YOUR-EAB-KID',
		hmacKey: 'YOUR-EAB-HMAC-KEY'
		}
		hmacKey: 'YOUR-EAB-HMAC-KEY',
		},
		});
		@@ -96,3 +96,3 @@ ```
		accountKey: accountPrivateKey,
		accountUrl: 'https://acme-v02.api.letsencrypt.org/acme/acct/12345678'
		accountUrl: 'https://acme-v02.api.letsencrypt.org/acme/acct/12345678',
		});
		@@ -120,4 +120,3 @@ ```
		const [certificateKey, certificateCsr] = await acme.crypto.createCsr({
		commonName: '*.example.com',
		altNames: ['example.com']
		altNames: ['example.com', '*.example.com'],
		});
		@@ -147,3 +146,3 @@ ```
		challengeCreateFn: async (authz, challenge, keyAuthorization) => {},
		challengeRemoveFn: async (authz, challenge, keyAuthorization) => {}
		challengeRemoveFn: async (authz, challenge, keyAuthorization) => {},
		};
		@@ -165,3 +164,3 @@
		...,
		challengePriority: ['http-01', 'dns-01']
		challengePriority: ['http-01', 'dns-01'],
		});
		@@ -181,3 +180,3 @@ ```
		...,
		skipChallengeVerification: true
		skipChallengeVerification: true,
		});
		@@ -196,3 +195,3 @@ ```
		termsOfServiceAgreed: true,
		contact: ['mailto:test@example.com']
		contact: ['mailto:test@example.com'],
		});
		@@ -203,4 +202,4 @@
		{ type: 'dns', value: 'example.com' },
		{ type: 'dns', value: '*.example.com' }
		]
		{ type: 'dns', value: '*.example.com' },
		],
		});
		@@ -220,3 +219,3 @@ ```
		host: '127.0.0.1',
		port: 9000
		port: 9000,
		};
		@@ -223,0 +222,0 @@ ```

18

src/api.js

		@@ -7,3 +7,2 @@ /**


		/**
		@@ -22,3 +21,2 @@ * AcmeApi


		/**
		@@ -39,3 +37,2 @@ * Get account URL


		/**
		@@ -65,3 +62,2 @@ * ACME API request


		/**
		@@ -85,3 +81,2 @@ * ACME API request by resource name helper


		/**
		@@ -99,3 +94,2 @@ * Get Terms of Service URL if available


		/**
		@@ -113,3 +107,3 @@ * Create new account
		includeJwsKid: false,
		includeExternalAccountBinding: (data.onlyReturnExisting !== true)
		includeExternalAccountBinding: (data.onlyReturnExisting !== true),
		});
		@@ -125,3 +119,2 @@


		/**
		@@ -140,3 +133,2 @@ * Update account


		/**
		@@ -155,3 +147,2 @@ * Update account key


		/**
		@@ -170,3 +161,2 @@ * Create new order


		/**
		@@ -185,3 +175,2 @@ * Get order


		/**
		@@ -201,3 +190,2 @@ * Finalize order


		/**
		@@ -216,3 +204,2 @@ * Get identifier authorization


		/**
		@@ -232,3 +219,2 @@ * Update identifier authorization


		/**
		@@ -248,3 +234,2 @@ * Complete challenge


		/**
		@@ -264,4 +249,3 @@ * Revoke certificate


		/* Export API */
		module.exports = AcmeApi;

18

src/auto.js

		@@ -16,6 +16,5 @@ /**
		challengeCreateFn: async () => { throw new Error('Missing challengeCreateFn()'); },
		challengeRemoveFn: async () => { throw new Error('Missing challengeRemoveFn()'); }
		challengeRemoveFn: async () => { throw new Error('Missing challengeRemoveFn()'); },
		};


		/**
		@@ -29,4 +28,4 @@ * ACME client auto mode

		module.exports = async function(client, userOpts) {
		const opts = Object.assign({}, defaultOpts, userOpts);
		module.exports = async (client, userOpts) => {
		const opts = { ...defaultOpts, ...userOpts };
		const accountPayload = { termsOfServiceAgreed: opts.termsOfServiceAgreed };
		@@ -42,3 +41,2 @@


		/**
		@@ -59,3 +57,2 @@ * Register account


		/**
		@@ -66,9 +63,7 @@ * Parse domains from CSR
		log('[auto] Parsing domains from Certificate Signing Request');
		const csrDomains = readCsrDomains(opts.csr);
		const domains = [csrDomains.commonName].concat(csrDomains.altNames);
		const uniqueDomains = Array.from(new Set(domains));
		const { commonName, altNames } = readCsrDomains(opts.csr);
		const uniqueDomains = Array.from(new Set([commonName].concat(altNames).filter((d) => d)));

		log(`[auto] Resolved ${uniqueDomains.length} unique domains from parsing the Certificate Signing Request`);


		/**
		@@ -85,3 +80,2 @@ * Place order


		/**
		@@ -174,3 +168,2 @@ * Resolve and satisfy challenges


		/**
		@@ -189,3 +182,2 @@ * Wait for all challenge promises to settle


		/**
		@@ -192,0 +184,0 @@ * Finalize order and download certificate

5

src/axios.js

		@@ -8,3 +8,2 @@ /**


		/**
		@@ -23,6 +22,5 @@ * Instance
		httpsChallengePort: 443,
		tlsAlpnChallengePort: 443
		tlsAlpnChallengePort: 443,
		};


		/**
		@@ -37,3 +35,2 @@ * Explicitly set Node as default HTTP adapter


		/**
		@@ -40,0 +37,0 @@ * Export instance

62

src/client.js

		@@ -16,3 +16,2 @@ /**


		/**
		@@ -28,3 +27,2 @@ * ACME states


		/**
		@@ -43,6 +41,5 @@ * Default options
		backoffMin: 5000,
		backoffMax: 30000
		backoffMax: 30000,
		};


		/**
		@@ -67,3 +64,3 @@ * AcmeClient
		* directoryUrl: acme.directory.letsencrypt.staging,
		* accountKey: 'Private key goes here'
		* accountKey: 'Private key goes here',
		* });
		@@ -80,3 +77,3 @@ * ```
		* backoffMin: 5000,
		* backoffMax: 30000
		* backoffMax: 30000,
		* });
		@@ -92,4 +89,4 @@ * ```
		* kid: 'YOUR-EAB-KID',
		* hmacKey: 'YOUR-EAB-HMAC-KEY'
		* }
		* hmacKey: 'YOUR-EAB-HMAC-KEY',
		* },
		* });
		@@ -105,8 +102,7 @@ * ```

		this.opts = Object.assign({}, defaultOpts, opts);

		this.opts = { ...defaultOpts, ...opts };
		this.backoffOpts = {
		attempts: this.opts.backoffAttempts,
		min: this.opts.backoffMin,
		max: this.opts.backoffMax
		max: this.opts.backoffMax,
		};
		@@ -118,3 +114,2 @@


		/**
		@@ -139,3 +134,2 @@ * Get Terms of Service URL if available


		/**
		@@ -162,3 +156,2 @@ * Get current account URL


		/**
		@@ -175,3 +168,3 @@ * Create a new account
		* const account = await client.createAccount({
		* termsOfServiceAgreed: true
		* termsOfServiceAgreed: true,
		* });
		@@ -184,3 +177,3 @@ * ```
		* termsOfServiceAgreed: true,
		* contact: ['mailto:test@example.com']
		* contact: ['mailto:test@example.com'],
		* });
		@@ -211,3 +204,2 @@ * ```


		/**
		@@ -224,3 +216,3 @@ * Update existing account
		* const account = await client.updateAccount({
		* contact: ['mailto:foo@example.com']
		* contact: ['mailto:foo@example.com'],
		* });
		@@ -253,3 +245,2 @@ * ```


		/**
		@@ -279,3 +270,3 @@ * Update account private key
		/* Create new HTTP and API clients using new key */
		const newHttpClient = new HttpClient(this.opts.directoryUrl, newAccountKey);
		const newHttpClient = new HttpClient(this.opts.directoryUrl, newAccountKey, this.opts.externalAccountBinding);
		const newApiClient = new AcmeApi(newHttpClient, accountUrl);
		@@ -301,3 +292,2 @@


		/**
		@@ -316,4 +306,4 @@ * Create a new order
		* { type: 'dns', value: 'example.com' },
		* { type: 'dns', value: 'test.example.com' }
		* ]
		* { type: 'dns', value: 'test.example.com' },
		* ],
		* });
		@@ -335,3 +325,2 @@ * ```


		/**
		@@ -398,3 +387,2 @@ * Refresh order object from CA


		/**
		@@ -429,3 +417,2 @@ * Get identifier authorizations from order


		/**
		@@ -451,6 +438,3 @@ * Deactivate identifier authorization

		const data = {
		status: 'deactivated'
		};

		const data = { status: 'deactivated' };
		const resp = await this.api.updateAuthorization(authz.url, data);
		@@ -463,3 +447,2 @@


		/**
		@@ -506,3 +489,2 @@ * Get key authorization for ACME challenge


		/**
		@@ -542,3 +524,2 @@ * Verify that ACME challenge is satisfied


		/**
		@@ -564,3 +545,2 @@ * Notify CA that challenge has been completed


		/**
		@@ -622,3 +602,2 @@ * Wait for ACME provider to verify status on a order, authorization or challenge


		/**
		@@ -670,3 +649,2 @@ * Get certificate from ACME order


		/**
		@@ -691,3 +669,3 @@ * Revoke certificate
		* const result = await client.revokeCertificate(certificate, {
		* reason: 4
		* reason: 4,
		* });
		@@ -703,3 +681,2 @@ * ```


		/**
		@@ -722,3 +699,3 @@ * Auto mode
		* const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
		* commonName: 'test.example.com'
		* altNames: ['test.example.com'],
		* });
		@@ -735,3 +712,3 @@ *
		* // Clean up challenge here
		* }
		* },
		* });
		@@ -743,3 +720,3 @@ * ```
		* const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
		* commonName: 'test.example.com'
		* altNames: ['test.example.com'],
		* });
		@@ -753,3 +730,3 @@ *
		* challengeCreateFn: async () => {},
		* challengeRemoveFn: async () => {}
		* challengeRemoveFn: async () => {},
		* });
		@@ -764,4 +741,3 @@ * ```


		/* Export client */
		module.exports = AcmeClient;

49

src/crypto/forge.js

		@@ -16,3 +16,2 @@ /**


		/**
		@@ -58,3 +57,2 @@ * Attempt to parse forge object from PEM encoded string


		/**
		@@ -98,7 +96,6 @@ * Parse domain names from a certificate or CSR
		commonName,
		altNames
		altNames,
		};
		}


		/**
		@@ -129,3 +126,2 @@ * Generate a private RSA key


		/**
		@@ -143,3 +139,3 @@ * Create public key from a private RSA key

		exports.createPublicKey = async function(key) {
		exports.createPublicKey = async (key) => {
		const privateKey = forge.pki.privateKeyFromPem(key);
		@@ -151,3 +147,2 @@ const publicKey = forge.pki.rsa.setPublicKey(privateKey.n, privateKey.e);


		/**
		@@ -166,3 +161,2 @@ * Parse body of PEM encoded object from buffer or string


		/**
		@@ -177,3 +171,2 @@ * Split chain of PEM encoded objects from buffer or string into array


		/**
		@@ -193,3 +186,3 @@ * Get modulus

		exports.getModulus = async function(input) {
		exports.getModulus = async (input) => {
		if (!Buffer.isBuffer(input)) {
		@@ -203,3 +196,2 @@ input = Buffer.from(input);


		/**
		@@ -219,3 +211,3 @@ * Get public exponent

		exports.getPublicExponent = async function(input) {
		exports.getPublicExponent = async (input) => {
		if (!Buffer.isBuffer(input)) {
		@@ -229,3 +221,2 @@ input = Buffer.from(input);


		/**
		@@ -246,3 +237,3 @@ * Read domains from a Certificate Signing Request

		exports.readCsrDomains = async function(csr) {
		exports.readCsrDomains = async (csr) => {
		if (!Buffer.isBuffer(csr)) {
		@@ -256,3 +247,2 @@ csr = Buffer.from(csr);


		/**
		@@ -277,3 +267,3 @@ * Read information from a certificate

		exports.readCertificateInfo = async function(cert) {
		exports.readCertificateInfo = async (cert) => {
		if (!Buffer.isBuffer(cert)) {
		@@ -288,11 +278,10 @@ cert = Buffer.from(cert);
		issuer: {
		commonName: issuerCn ? issuerCn.value : null
		commonName: issuerCn ? issuerCn.value : null,
		},
		domains: parseDomains(obj),
		notAfter: obj.validity.notAfter,
		notBefore: obj.validity.notBefore
		notBefore: obj.validity.notBefore,
		};
		};


		/**
		@@ -318,3 +307,2 @@ * Determine ASN.1 type for CSR subject short name


		/**
		@@ -339,3 +327,2 @@ * Create array of short names and values for Certificate Signing Request subjects


		/**
		@@ -357,3 +344,2 @@ * Create array of alt names for Certificate Signing Requests


		/**
		@@ -378,3 +364,3 @@ * Create a Certificate Signing Request
		* const [certificateKey, certificateRequest] = await acme.forge.createCsr({
		* commonName: 'test.example.com'
		* altNames: ['test.example.com'],
		* });
		@@ -384,2 +370,3 @@ * ```
		* @example Certificate Signing Request with both common and alternative names
		* > Warning: Certificate subject common name has been [deprecated](https://letsencrypt.org/docs/glossary/#def-CN) and its use is [discouraged](https://cabforum.org/uploads/BRv1.2.3.pdf).
		* ```js
		@@ -389,3 +376,3 @@ * const [certificateKey, certificateRequest] = await acme.forge.createCsr({
		* commonName: 'test.example.com',
		* altNames: ['foo.example.com', 'bar.example.com']
		* altNames: ['foo.example.com', 'bar.example.com'],
		* });
		@@ -397,3 +384,3 @@ * ```
		* const [certificateKey, certificateRequest] = await acme.forge.createCsr({
		* commonName: 'test.example.com',
		* altNames: ['test.example.com'],
		* country: 'US',
		@@ -404,3 +391,3 @@ * state: 'California',
		* organizationUnit: 'IT Department',
		* emailAddress: 'contact@example.com'
		* emailAddress: 'contact@example.com',
		* });
		@@ -414,7 +401,7 @@ * ```
		* const [, certificateRequest] = await acme.forge.createCsr({
		* commonName: 'test.example.com'
		* altNames: ['test.example.com'],
		* }, certificateKey);
		*/

		exports.createCsr = async function(data, key = null) {
		exports.createCsr = async (data, key = null) => {
		if (!key) {
		@@ -451,3 +438,3 @@ key = await createPrivateKey(data.keySize);
		OU: data.organizationUnit,
		E: data.emailAddress
		E: data.emailAddress,
		});
		@@ -463,4 +450,4 @@
		name: 'subjectAltName',
		altNames: formatCsrAltNames(data.altNames)
		}]
		altNames: formatCsrAltNames(data.altNames),
		}],
		}]);
		@@ -467,0 +454,0 @@ }

63

src/crypto/index.js

		@@ -25,3 +25,2 @@ /**


		/**
		@@ -39,3 +38,3 @@ * Determine key type and info by attempting to derive public key
		isECDSA: false,
		publicKey: crypto.createPublicKey(keyPem)
		publicKey: crypto.createPublicKey(keyPem),
		};
		@@ -56,3 +55,2 @@


		/**
		@@ -80,4 +78,4 @@ * Generate a private RSA key
		type: 'pkcs8',
		format: 'pem'
		}
		format: 'pem',
		},
		});
		@@ -90,3 +88,2 @@


		/**
		@@ -100,3 +97,2 @@ * Alias of `createPrivateRsaKey()`


		/**
		@@ -124,4 +120,4 @@ * Generate a private ECDSA key
		type: 'pkcs8',
		format: 'pem'
		}
		format: 'pem',
		},
		});
		@@ -132,3 +128,2 @@


		/**
		@@ -151,3 +146,3 @@ * Get a public key derived from a RSA or ECDSA key
		type: info.isECDSA ? 'spki' : 'pkcs1',
		format: 'pem'
		format: 'pem',
		});
		@@ -158,3 +153,2 @@


		/**
		@@ -176,3 +170,3 @@ * Get a JSON Web Key derived from a RSA or ECDSA key
		const jwk = crypto.createPublicKey(keyPem).export({
		format: 'jwk'
		format: 'jwk',
		});
		@@ -189,3 +183,2 @@


		/**
		@@ -206,3 +199,3 @@ * Produce CryptoKeyPair and signing algorithm from a PEM encoded private key
		name: 'RSASSA-PKCS1-v1_5',
		hash: { name: 'SHA-256' }
		hash: { name: 'SHA-256' },
		};
		@@ -231,3 +224,2 @@


		/**
		@@ -252,3 +244,2 @@ * Split chain of PEM encoded objects from string into array


		/**
		@@ -274,3 +265,2 @@ * Parse body of PEM encoded object and return a Base64URL string


		/**
		@@ -296,7 +286,6 @@ * Parse domains from a certificate or CSR
		commonName,
		altNames
		altNames,
		};
		}


		/**
		@@ -327,3 +316,2 @@ * Read domains from a Certificate Signing Request


		/**
		@@ -359,11 +347,10 @@ * Read information from a certificate
		issuer: {
		commonName: cert.issuerName.getField('CN').pop() \|\| null
		commonName: cert.issuerName.getField('CN').pop() \|\| null,
		},
		domains: parseDomains(cert),
		notBefore: cert.notBefore,
		notAfter: cert.notAfter
		notAfter: cert.notAfter,
		};
		};


		/**
		@@ -391,3 +378,2 @@ * Determine ASN.1 character string type for CSR subject field name


		/**
		@@ -414,3 +400,2 @@ * Create array of subject fields for a Certificate Signing Request


		/**
		@@ -433,3 +418,2 @@ * Create x509 subject alternate name extension


		/**
		@@ -454,3 +438,3 @@ * Create a Certificate Signing Request
		* const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
		* commonName: 'test.example.com'
		* altNames: ['test.example.com'],
		* });
		@@ -460,2 +444,3 @@ * ```
		* @example Certificate Signing Request with both common and alternative names
		* > Warning: Certificate subject common name has been [deprecated](https://letsencrypt.org/docs/glossary/#def-CN) and its use is [discouraged](https://cabforum.org/uploads/BRv1.2.3.pdf).
		* ```js
		@@ -465,3 +450,3 @@ * const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
		* commonName: 'test.example.com',
		* altNames: ['foo.example.com', 'bar.example.com']
		* altNames: ['foo.example.com', 'bar.example.com'],
		* });
		@@ -473,3 +458,3 @@ * ```
		* const [certificateKey, certificateRequest] = await acme.crypto.createCsr({
		* commonName: 'test.example.com',
		* altNames: ['test.example.com'],
		* country: 'US',
		@@ -480,3 +465,3 @@ * state: 'California',
		* organizationUnit: 'IT Department',
		* emailAddress: 'contact@example.com'
		* emailAddress: 'contact@example.com',
		* });
		@@ -490,3 +475,3 @@ * ```
		* const [, certificateRequest] = await acme.crypto.createCsr({
		* commonName: 'test.example.com'
		* altNames: ['test.example.com'],
		* }, certificateKey);
		@@ -520,3 +505,3 @@ */
		/* https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.6 */
		createSubjectAltNameExtension(data.altNames)
		createSubjectAltNameExtension(data.altNames),
		];
		@@ -536,4 +521,4 @@
		OU: data.organizationUnit,
		E: data.emailAddress
		})
		E: data.emailAddress,
		}),
		});
		@@ -546,3 +531,2 @@


		/**
		@@ -598,3 +582,3 @@ * Create a self-signed ALPN certificate for TLS-ALPN-01 challenges
		/* https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.6 */
		createSubjectAltNameExtension([commonName])
		createSubjectAltNameExtension([commonName]),
		];
		@@ -616,4 +600,4 @@
		name: createCsrSubject({
		CN: commonName
		})
		CN: commonName,
		}),
		});
		@@ -626,3 +610,2 @@


		/**
		@@ -629,0 +612,0 @@ * Validate that a ALPN certificate contains the expected key authorization

18

src/http.js

		@@ -10,3 +10,2 @@ /**


		/**
		@@ -34,3 +33,2 @@ * ACME HTTP client


		/**
		@@ -65,3 +63,2 @@ * HTTP request


		/**
		@@ -91,3 +88,2 @@ * Ensure provider directory exists


		/**
		@@ -107,3 +103,2 @@ * Get JSON Web Key


		/**
		@@ -128,3 +123,2 @@ * Get nonce from directory API endpoint


		/**
		@@ -147,3 +141,2 @@ * Get URL for a directory resource


		/**
		@@ -166,3 +159,2 @@ * Get directory meta field


		/**
		@@ -200,7 +192,6 @@ * Prepare HTTP request body for signature
		payload: payload ? Buffer.from(JSON.stringify(payload)).toString('base64url') : '',
		protected: Buffer.from(JSON.stringify(header)).toString('base64url')
		protected: Buffer.from(JSON.stringify(header)).toString('base64url'),
		};
		}


		/**
		@@ -228,3 +219,2 @@ * Create JWS HTTP request body using HMAC


		/**
		@@ -270,3 +260,3 @@ * Create JWS HTTP request body using RSA or ECC
		padding: RSA_PKCS1_PADDING,
		dsaEncoding: 'ieee-p1363'
		dsaEncoding: 'ieee-p1363',
		}, 'base64url');
		@@ -277,3 +267,2 @@


		/**
		@@ -314,3 +303,3 @@ * Signed HTTP request

		/* Retry on bad nonce - https://datatracker.ietf.org/doc/html/draft-ietf-acme-acme-10#section-6.4 */
		/* Retry on bad nonce - https://datatracker.ietf.org/doc/html/rfc8555#section-6.5 */
		if (resp.data && resp.data.type && (resp.status === 400) && (resp.data.type === 'urn:ietf:params:acme:error:badNonce') && (attempts < this.maxBadNonceRetries)) {
		@@ -329,4 +318,3 @@ nonce = resp.headers['replay-nonce'] \|\| null;


		/* Export client */
		module.exports = HttpClient;

12

src/index.js

		@@ -7,3 +7,2 @@ /**


		/**
		@@ -16,14 +15,13 @@ * Directory URLs
		staging: 'https://api.test4.buypass.no/acme/directory',
		production: 'https://api.buypass.com/acme/directory'
		production: 'https://api.buypass.com/acme/directory',
		},
		letsencrypt: {
		staging: 'https://acme-staging-v02.api.letsencrypt.org/directory',
		production: 'https://acme-v02.api.letsencrypt.org/directory'
		production: 'https://acme-v02.api.letsencrypt.org/directory',
		},
		zerossl: {
		production: 'https://acme.zerossl.com/v2/DV90'
		}
		production: 'https://acme.zerossl.com/v2/DV90',
		},
		};


		/**
		@@ -36,3 +34,2 @@ * Crypto


		/**
		@@ -44,3 +41,2 @@ * Axios


		/**
		@@ -47,0 +43,0 @@ * Logger

4

src/logger.js

		@@ -9,3 +9,2 @@ /**


		/**
		@@ -21,7 +20,6 @@ * Set logger function


		/**
		* Log message
		*
		* @param {string} Message
		* @param {string} msg Message
		*/
		@@ -28,0 +26,0 @@

15

src/util.js

		@@ -10,3 +10,2 @@ /**


		/**
		@@ -30,3 +29,2 @@ * Exponential backoff


		/**
		@@ -45,3 +43,2 @@ * Get backoff duration


		/**
		@@ -76,3 +73,2 @@ * Retry promise


		/**
		@@ -94,3 +90,2 @@ * Retry promise


		/**
		@@ -115,3 +110,2 @@ * Parse URLs from link header


		/**
		@@ -166,3 +160,2 @@ * Find certificate chain with preferred issuer common name


		/**
		@@ -188,3 +181,2 @@ * Find and format error in response object


		/**
		@@ -215,3 +207,2 @@ * Resolve root domain name by looking for SOA record


		/**
		@@ -257,3 +248,2 @@ * Get DNS resolver using domains authoritative NS records


		/**
		@@ -280,3 +270,3 @@ * Attempt to retrieve TLS ALPN certificate from peer
		rejectUnauthorized: false,
		ALPNProtocols: ['acme-tls/1']
		ALPNProtocols: ['acme-tls/1'],
		});
		@@ -313,3 +303,2 @@


		/**
		@@ -325,3 +314,3 @@ * Export utils
		getAuthoritativeDnsResolver,
		retrieveTlsAlpnCertificate
		retrieveTlsAlpnCertificate,
		};

7

src/verify.js

		@@ -12,3 +12,2 @@ /**


		/**
		@@ -47,3 +46,2 @@ * Verify ACME HTTP challenge


		/**
		@@ -86,3 +84,2 @@ * Walk DNS until TXT records are found


		/**
		@@ -127,3 +124,2 @@ * Verify ACME DNS challenge


		/**
		@@ -156,3 +152,2 @@ * Verify ACME TLS ALPN challenge


		/**
		@@ -165,3 +160,3 @@ * Export API
		'dns-01': verifyDnsChallenge,
		'tls-alpn-01': verifyTlsAlpnChallenge
		'tls-alpn-01': verifyTlsAlpnChallenge,
		};

6

types/index.d.ts

		@@ -18,3 +18,2 @@ /**


		/**
		@@ -32,3 +31,2 @@ * Augmented ACME interfaces


		/**
		@@ -85,3 +83,2 @@ * Client


		/**
		@@ -105,3 +102,2 @@ * Directory URLs


		/**
		@@ -184,3 +180,2 @@ * Crypto


		/**
		@@ -192,3 +187,2 @@ * Axios


		/**
		@@ -195,0 +189,0 @@ * Logger

1

types/index.test-d.ts

		@@ -7,3 +7,2 @@ /**


		(async () => {
		@@ -10,0 +9,0 @@ /* Client */

4

types/rfc8555.d.ts

		@@ -30,3 +30,2 @@ /**


		/**
		@@ -57,3 +56,2 @@ * Order


		/**
		@@ -78,3 +76,2 @@ * Authorization


		/**
		@@ -108,3 +105,2 @@ * Challenge


		/**
		@@ -111,0 +107,0 @@ * Certificate

acme-client - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics

Dependency changes