Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

serverless-certificate-creator

Package Overview
Dependencies
Maintainers
1
Versions
49
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

serverless-certificate-creator

creates a certificate that can be used for custom domains for your api gateway

  • 1.5.2-rc-next.109
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
11K
increased by8.72%
Maintainers
1
Weekly downloads
 
Created
Source

serverless-certificate-creator

serverless npm version MIT licensed Codacy Badge npm downloads CircleCI

Table of Contents

Description

This serverless plugin creates certificates that you need for your custom domains in API Gateway. Use this in your CICD flow to automatically create a certificate, create the necessary route53 recordsets to validate the certificate with Dns-Validation and finally wait until the certificate has been validated.

Serverless Framework

This package is made for the serverless framework.

You can install it like this:

# Install the serverless cli
npm install -g serverless

# Or, update the serverless cli from a previous version
npm update -g serverless

Check out their getting started guide for more information here.

Usage Requirements

Make sure you have the following installed before starting:

Usage

    npm i serverless-certificate-creator --save-dev

open serverless.yml and add the following:

    plugins:
    - serverless-certificate-creator

    ...

    custom:
        customCertificate:
            //required
            certificateName: 'abc.somedomain.io'
            //optional
            idempotencyToken: 'abcsomedomainio'
            //required if hostedZoneIds is not set, alternativly as an array
            hostedZoneNames: 'somedomain.io.' 
            //required if hostedZoneNames is not set
            hostedZoneIds: 'XXXXXXXXX'
            // optional default is false. if you set it to true you will get a new file (after executing serverless create-cert), that contains certificate info that you can use in your deploy pipeline, alternativly as an array
            writeCertInfoToFile: false 
            // optional, only used when writeCertInfoToFile is set to true. It sets the name of the file containing the cert info
            certInfoFileName: 'cert-info.yml' 
            // optional - default is us-east-1 which is required for custom api gateway domains of Type Edge (default)
            region: eu-west-1
            //optional - see SubjectAlternativeNames https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/ACM.html#requestCertificate-property
            subjectAlternativeNames : 
                - 'www.somedomain.io'
                - 'def.somedomain.io'
            //optional - see https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/ACM.html#addTagsToCertificate-property
            //if you want to give your certificate a name that is shown in the ACM Console you can add a Tag with the key "Name"
            tags:
                Name: 'somedomain.com'
                Environment: 'prod'
            //optional default false. this is useful if you managed to delete your certificate but the dns validation records still exist
            rewriteRecords: false

now you can run:

    serverless create-cert

To remove the certificate and delete the CNAME recordsets from route53, run:

    serverless remove-cert

Combine with serverless-domain-manager

If you combine this plugin with serverless-domain-manager you can automate the complete process of creating a custom domain with a certificate. I found serverless-domain-manager very useful but i also wanted to be able to automatically create the certificate for the newly generated custom domain.

Examples

Install the plugins:

    npm i serverless-certificate-creator --save-dev
    npm i serverless-domain-manager --save-dev

Open serverless.yml and add the following:

    plugins:
    - serverless-certificate-creator
    - serverless-domain-manager

    ...

    custom:
        customDomain:
            domainName: abc.somedomain.io
            certificateName: 'abc.somedomain.io'
            basePath: ''
            stage: ${self:provider.stage}
            createRoute53Record: true
        customCertificate:
            certificateName: 'abc.somedomain.io' //required
            idempotencyToken: 'abcsomedomainio' //optional
            hostedZoneNames: 'somedomain.io.' //required if hostedZoneIds is not set 
            hostedZoneIds: 'XXXXXXXXX' //required if hostedZoneNames is not set
            region: eu-west-1 // optional - default is us-east-1 which is required for custom api gateway domains of Type Edge (default)
            enabled: true // optional - default is true. For some stages you may not want to use certificates (and custom domains associated with it).
            rewriteRecords: false

Now you can run:

    serverless create-cert
    serverless create_domain

Please make sure to check out the complete sample project here.

Reference Certificate Arn via variableResolvers

Since version 1.2.0 of this plugin you can use the following syntax to access the certificates Arn in other plugins

    ${certificate:${self:custom.customCertificate.certificateName}:CertificateArn}

If you are on version >= 2.27.0 of serverless & have elected to use the new variable resolver: variablesResolutionMode: 20210219. You must use the new supported syntax which is:

    ${certificate:${self:custom.customCertificate.certificateName}.CertificateArn}

see the serverless docs for more information

License

Copyright (c) 2018 Bastian Töpfer, contributors.

Released under the MIT license.

FAQs

Package last updated on 09 Apr 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc