我正在尝试使用Letsencrypt而不使用像Nginx这样的反向代理,我在npm上找到了一个名为 letsencrypt-express (greenlock-express)的模块。但是我无法让它发挥作用。
工作示例:
var express = require('express')
var letsencript = require('greenlock-express')
var leclg = require('le-challenge-fs')
var lestore = require('le-store-certbot')
var http = require('http');
var https = require('https');
var redHttps = require('redirect-https')
var app = express();
app.get('/', (req, res) => {
res.send('Ok Working');
})
var lex = letsencript.create({
server: 'staging',
// agreeTos: true,
approveDomains: (opts, certs, cb) => {
if (certs) {
// change domain list here
opts.domains = ['10hd.in']
} else {
// change default email to accept agreement
opts.email = 'test@gmail.com',
opts.agreeTos = true;
}
cb(null, { options: opts, certs: certs });
},
// app: app,
// challenges: { 'http-01': leclg.create({ webrootPath: '/tmp/acme-challenges' }) },
// store: lestore.create({ webrootPath: '/tmp/acme-challenges' })
}).listen(80, 443);
上部示例正如预期的那样工作。将http重定向到https并从Letsencript停滞服务器发出证书。并将它们存储在〜/ letsencript文件夹中。
以下是我想要但不工作的内容。
var express = require('express')
var letsencript = require('greenlock-express')
var leclg = require('le-challenge-fs')
var lestore = require('le-store-certbot')
var http = require('http');
var https = require('https');
var redHttps = require('redirect-https')
var app = express();
app.get('/', (req, res) => {
res.send('Ok Working');
})
var lex = letsencript.create({
server: 'staging',
// agreeTos: true,
approveDomains: (opts, certs, cb) => {
if (certs) {
// change domain list here
opts.domains = ['10hd.in']
} else {
// change default email to accept agreement
opts.email = 'test@gmail.com',
opts.agreeTos = true;
}
cb(null, { options: opts, certs: certs });
},
// app: app,
// challenges: { 'http-01': leclg.create({ webrootPath: '/tmp/acme-challenges' }) },
// store: lestore.create({ webrootPath: '/tmp/acme-challenges' })
})
// .listen(80, 443);
const middlewareWrapper = lex.middleware;
// redHttps()
http.createServer(lex.middleware(redHttps())).listen(80, ()=> {
console.log("Listening for ACME http-01 challenges");
});
//
https.createServer(
lex.httpsOptions,
lex.middleware(app)
).listen(433, () => {
console.log("Listening for ACME tls-sni-01 challenges and serve app");
});
我想通过https节点模块为服务器提供服务。并想在.listen()函数中提供的回调中做一些事情。 但它甚至没有创建让我们加密家庭目录中的文件夹。
控制台输出:
bubundas17@instance-2:~/test$ sudo node app.js
le.challenges[tls-sni-01].loopback should be defined as function (opts, domain, token, cb) { ... } and should prove (by external means) that the ACME server challenge 'tls-sni-01' will succeed
Listening for ACME http-01 challenges
Listening for ACME tls-sni-01 challenges and serve app
答案 0 :(得分:0)
这是一个正常运作的代码。
const http = require('http');
const https = require('https');
const redirectHttps = require('redirect-https')
var app = require('express')();
app.get('/', (req, res) => {
res.send("Test Server")
})
var le = require('greenlock').create({
server: 'staging',
configDir: 'certs/etc',
approveDomains: (opts, certs, cb) => {
if (certs) {
opts.domains = ['10hd.in']
} else {
opts.email = 'test@gmail.com',
opts.agreeTos = true;
}
cb(null, {
options: opts,
certs: certs
});
},
});
http.createServer(le.middleware(redirectHttps())).listen(80, function() {
console.log("Server Running On http" + 80);
})
https.createServer(le.httpsOptions, le.middleware(app)).listen(443, function() {
console.log("Server Running On https" + 443);
})
我不知道为什么这段代码有效以及为什么之前的代码没有!但是代码工作正常,这已经足够了!