ACME - v30.0.3

A module for interacting with ACME servers for automated SSL/TLS certificate issuance and management.

Release Notes

• silence postAsGet
• silence postAsGetChal
• fetchAndRetryProtectedUntilOk can be silenced now
• remove answer wrapper
• simplify rest of API to get or error

eg.
order.get | order.error
account.get | account.error
directory.get | directory.error

---

Exports

import * as bac from 'base-acme-client'; // ES6

newDirectory

Fetches the directory information from an ACME server.

---

newNonce

Retrieves a new nonce from the ACME server.

---

createJsonWebKey

Creates a JSON Web Key (JWK) from a public key.

---

createAccount

Creates a new account on the ACME server.

---

createOrder

Creates a new order for certificate issuance on the ACME server.

---

finalizeOrder

Finalizes a certificate order by submitting a Certificate Signing Request (CSR).

---

postAsGet

Performs a POST-as-GET request to retrieve order or authorization status.

---

postAsGetChal

Performs a POST-as-GET request for challenges

---

signPayloadJson

Signs a JSON payload for ACME server requests.

---

signPayload

Signs a payload for ACME server requests.

---

formatPublicKey

Formats a PEM-encoded public key to a key object.

---

formatPrivateKey

Formats a PEM-encoded private key to a key object.

---

base64urlEncode

Encodes input to a base64url-encoded string.

---

hexToBytes

Converts a hexadecimal string to a Uint8Array of bytes.

---

getNextNonce

Retrieves the next nonce for ACME protocol requests.

---

fetchRequest

Sends a signed request to the ACME server.

---

fetchSuggestedWindow

Fetches the suggested renewal window information for a certificate from the specified URL.

---

fetchAndRetryUntilOk

Fetch a resource with multiple retry attempts and progressive backoff.

---

fetchAndRetryProtectedUntilOk

Fetch a protected resource with multiple retry attempts and progressive backoff.

---

Errors/Exceptions

Errors and Exceptions will be returned in an object

// Exceptions
{
  error: {
    type: 'bac:exception:methodName',
    detail: Error: SyntaxError: Unexpected end of input
        at file:///base-acme-client.js:666:11
        at ModuleJob.run (node:internal/modules/esm/module_job:271:25)
        at async onImport.tracePromise.__proto__ (node:internal/modules/esm/loader:547:26)
        at async asyncRunEntryPointWithESMLoader (node:internal/modules/run_main:116:5),
    status: 777777
  }
}

// Error from the Base ACME Client
{
  error: {
    type: 'bac:failed:methodName',
    detail: 'Could not complete methodName after multiple attempts',
    status: 777777
  }
}

// Error from the ACME Server
{
  error: {
    type: 'urn:ietf:params:acme:error:orderNotReady',
    detail: `Order's status ("valid") is not acceptable for finalization`,
    status: 403
  }
}

---

Full Working Examples

This module is used by Lets Encrypt ACME Client and Server SSL

ACME - v23.0.1

A module for interacting with ACME servers for automated SSL/TLS certificate issuance and management.

Release Notes

• add getNextNonce export
• rename newDirectoryAsync to newDirectory (its still async)
• rename newNonceAsync to newNonce (its still async)
• changes to how errors/exceptions are returned
• errors have error.type of bac:failed:methodName
• exceptions have error.type of bac:exception:methodName
• inside error.details is the message/exception
• errors and exceptions from bac have an error.status of 777777 or similar

---

Exports

import * as bac from 'base-acme-client'; // ES6

newDirectory

Fetches the directory information from an ACME server.

---

newNonce

Retrieves a new nonce from the ACME server.

---

createJsonWebKey

Creates a JSON Web Key (JWK) from a public key.

---

createAccount

Creates a new account on the ACME server.

---

createOrder

Creates a new order for certificate issuance on the ACME server.

---

finalizeOrder

Finalizes a certificate order by submitting a Certificate Signing Request (CSR).

---

postAsGet

Performs a POST-as-GET request to retrieve order or authorization status.

---

postAsGetChal

Performs a POST-as-GET request for challenges

---

signPayloadJson

Signs a JSON payload for ACME server requests.

---

signPayload

Signs a payload for ACME server requests.

---

formatPublicKey

Formats a PEM-encoded public key to a key object.

---

formatPrivateKey

Formats a PEM-encoded private key to a key object.

---

base64urlEncode

Encodes input to a base64url-encoded string.

---

hexToBytes

Converts a hexadecimal string to a Uint8Array of bytes.

---

getNextNonce

Retrieves the next nonce for ACME protocol requests.

---

fetchRequest

Sends a signed request to the ACME server.

---

fetchSuggestedWindow

Fetches the suggested renewal window information for a certificate from the specified URL.

---

fetchAndRetryUntilOk

Fetch a resource with multiple retry attempts and progressive backoff.

---

fetchAndRetryProtectedUntilOk

Fetch a protected resource with multiple retry attempts and progressive backoff.

---

Errors/Exceptions

Errors and Exceptions will be returned in an object

// Exceptions
{
  answer: {
    error: {
      type: 'bac:exception:methodName',
      detail: Error: SyntaxError: Unexpected end of input
          at file:///base-acme-client.js:666:11
          at ModuleJob.run (node:internal/modules/esm/module_job:271:25)
          at async onImport.tracePromise.__proto__ (node:internal/modules/esm/loader:547:26)
          at async asyncRunEntryPointWithESMLoader (node:internal/modules/run_main:116:5),
      status: 777777
    }
  }
}

// Error from the Base ACME Client
{
  answer: {
    error: {
      type: 'bac:failed:methodName',
      detail: 'Could not complete methodName after multiple attempts',
      status: 777777
    }
  }
}

// Error from the ACME Server
{
  answer: {
    error: {
      type: 'urn:ietf:params:acme:error:orderNotReady',
      detail: `Order's status ("valid") is not acceptable for finalization`,
      status: 403
    }
  }
}

---

Full Working Examples

This module is used by Lets Encrypt ACME Client and Server SSL