
Security News
npm v12 Ships With Install Scripts Off by Default, Begins Deprecating 2FA-Bypass Tokens
npm v12 is generally available, turning install scripts off by default and beginning the deprecation of 2FA-bypass publishing tokens.
wedeploy-letsencrypt
Advanced tools
CLI and API for issuing, renewing and revoking certificates on user's behalf using Let's Encrypt
$ npm i --save wedeploy-letsencrypt
If you prefer to install it globally and use the CLI, use the following command:
$ npm i -g wedeploy-letsencrypt
Then, the command wel should be available in PATH. Run wel --help for more information about the available options.
$ wel <cmd> [args]
Commands:
certonly Issue/renew certificate(s)
Options:
--account-key-path Path to privkey.pem to use for account (default: generate new) [string]
--agree-tos Agree to the Let's Encrypt Subscriber Agreement. [required]
--cert-path Path to where new cert.pem is saved. [string] [default: ":configDir/live/:hostname/cert.pem"]
--chain-path Path to where new chain.pem is saved. [string] [default: ":configDir/live/:hostname/chain.pem"]
--config-dir Configuration directory. [string] [default: "~/letsencrypt/etc/"]
--debug Show traces and logs. [boolean] [default: false]
--domains Domain names to apply. For multiple domains use space separated list of domains as a parameter.
[array] [required]
--domain-key-path Path to privkey.pem to use for domain (default: generate new) [string]
--duplicate Allow getting a certificate that duplicates an existing one/is an early renewal.
[boolean] [default: false]
--email Email used for registration and recovery contact. [string] [required]
--fullchain-path Path to where new cert.pem is saved. [string] [default: ":configDir/live/:hostname/cert.pem"]
--http-01-port Use HTTP-01 challenge type with this port. [number] [default: 80]
--renew-within Renew certificates this many days before expiry. [number] [default: 7]
--rsa-key-size Size (in bits) of the RSA key. [number] [default: 2048]
--server ACME Directory Resource URI. Default: staging server. Use "production" to connect to the
production server. [string] [choices: "https://acme-staging.api.letsencrypt.org/directory",
"https://acme-v01.api.letsencrypt.org/directory", "staging", "production"] [default: "staging"]
--webroot-path public_html / webroot path. [string] [default: "/var/lib/haproxy"]
--help Show help [boolean]
To issue a certificate for a domain, you may use the following command:
$ wel certonly --agree-tos --domains example.com www.example.com --email admin@mycompany.com --config-dir ~/cfg-dir --server staging --webroot-path /var/lib/haproxy
The command will validate the domain example.com using HTTP challenge and register or renew a certificate for it. The server (HAProxy for example) should be able to serve files from /var/lib/haproxy directory.
In an application, require WeDeploy Let's Encrypt implementation and call getCertificate method, passing configuration options as properties of an object. The function returns a Promise, which will be fulfilled with the registered certificates. The certificates will be stored to the configuration directory (configDir property) already.
The list of available options are the same as those, which could be specified from the command line, but in camelCase. For example, agree-tos should become agreeTos and rsa-key-size should become rsaKeySize.
Example code:
const LetsEncrypt = require('wedeploy-letsencrypt');
LetsEncrypt.getCertificate(options)
.then((certs) => {
console.log('Got certificate(s) for', certs.altnames.join(', '));
})
.catch((error) => {
console.error(error);
});
$ npm test
BSD License © Liferay, Inc.
FAQs
CLI and API for issuing, renewing and revoking certificates on user's behalf using Let's Encrypt
We found that wedeploy-letsencrypt demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
npm v12 is generally available, turning install scripts off by default and beginning the deprecation of 2FA-bypass publishing tokens.

Research
/Security News
Socket tracks the activity as Operation “Muck and Load”: a threat actor uses commit-farming workflows, public dead drops, and protected archives to stage Windows RAT and infostealer malware.

Security News
pnpm 11.10 hardens registry auth to block token redirection, tightens pack-app and deploy, and makes the Rust port (v12) installable.