{"id":22800002,"url":"https://github.com/dadi/ssl","last_synced_at":"2025-10-20T05:38:28.707Z","repository":{"id":57105408,"uuid":"92717262","full_name":"dadi/ssl","owner":"dadi","description":"Autonomous SSL certificate generation in support of SSL-first approach.","archived":false,"fork":false,"pushed_at":"2019-05-07T09:10:27.000Z","size":139,"stargazers_count":1,"open_issues_count":4,"forks_count":3,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-07-03T08:47:38.718Z","etag":null,"topics":["dadi","letsencrypt","security","ssl","ssl-certificates"],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dadi.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-05-29T07:37:18.000Z","updated_at":"2019-05-07T09:05:12.000Z","dependencies_parsed_at":"2022-08-21T03:00:30.399Z","dependency_job_id":null,"html_url":"https://github.com/dadi/ssl","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/dadi/ssl","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dadi%2Fssl","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dadi%2Fssl/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dadi%2Fssl/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dadi%2Fssl/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dadi","download_url":"https://codeload.github.com/dadi/ssl/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dadi%2Fssl/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":268166277,"owners_count":24206428,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-01T02:00:08.611Z","response_time":67,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dadi","letsencrypt","security","ssl","ssl-certificates"],"created_at":"2024-12-12T07:10:46.497Z","updated_at":"2025-10-20T05:38:23.657Z","avatar_url":"https://github.com/dadi.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# DADI SSL\n\n\u003e Automated SSL certificate generation for the DADI Stack.\n\n[![npm (scoped)](https://img.shields.io/npm/v/@dadi/ssl.svg?maxAge=10800\u0026style=flat-square)](https://www.npmjs.com/package/@dadi/ssl)\n![coverage](https://img.shields.io/badge/coverage-55%25-red.svg?style=flat?style=flat-square)\n[![Build Status](https://travis-ci.org/dadi/ssl.svg?branch=master)](https://travis-ci.org/dadi/ssl)\n[![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat-square)](http://standardjs.com/)\n\n## Overview\n\nDADI SSL is a lightweight fully automated totally free SSL generation service that fits seemlessly into the DADI suite of microservices, as all major routing modules including [restify](http://restify.com/) and [express](https://expressjs.com/).\n\nIt uses the [letsencrypt](https://letsencrypt.org/) certificate authority to register, create and automatically update multi-domain SSL certificates for use on single-server instances of your application. \n\nIt is recommended that load balanced services should apply certificates as part of the security policy, which is usually free.\n\n## Getting started\n\n1. Install the `@dadi/ssl` module:\n\n```shell\nnpm install @dadi/ssl --save\n```\n\n2. Add the library to your project file:\n\n```javascript\nconst SSL = require('@dadi/ssl')\n```\n\n3. Add preferences:\n\n```javascript\n\n// Example: select a domain and location to store certificates.\nconst ssl = new SSL()\n  .useDomains(['somedomain.com'])\n  .storeIn('/data/app/dadi-ssl/certs', true)\n  .registerTo('webadmin@dadi.co')\n  .secureServerRestart(serverRestartFunction)\n  .useListeningServer(listeningServer)\n  .start()\n```\n\n4. Using with your server\n\n```javascript\n// Example\n\n// Specify domain(s), a directory and a registration address.\nconst ssl = new SSL()\n  .useDomains(['somedomain.com'])\n  .storeIn('/data/app/dadi-ssl/certs', true)\n  .registerTo('webadmin@dadi.co')\n\n// Start listening server on port 80.\nconst listeningServer = restify.createServer({\n  port: 80\n})\n\n// Start secure server on port 443, with key and certificate files.\nconst server = restify.createServer({\n  port: 443,\n  key: ssl.getKey(),\n  certificate: ssl.getCertificate()\n})\n\n// Add your servers and start the process.\nssl\n  .secureServerRestart(serverRestartFunction)\n  .useListeningServer(listeningServer)\n  .start()\n\n```\n\n## Required settings\n\n#### `.useDomains(domains)`\n\nSelect the domains to register. Must be an array.\n\n```javascript\n// Example\n.useDomains(['foo.somedomain.com', 'bar.somedomain.com', 'somedomain.com'])\n```\n\n#### `.registerTo(email)`\n\nSet the email address for the certificate registration.\n\n```javascript\n// Example\n.registerTo('foo@somedomain.com')\n\n```\n\n.secureServerRestart(serverRestartFunction)\n\nPass a server restart method to be called after successful certificate generation.\n\n```javascript\n// Example\n.secureServerRestart(restartFunction)\n```\n\n#### `.useListeningServer(listeningServer)`\n\nA listening server running on port 80 allows the service to perform the necessary challenge requests. \n\n```javascript\n// Example\n.useListeningServer(listeningServer)\n```\n\n## Optional settings\n\n#### `.storeIn(domains)`\n\nSelect a directory to store certificate, and whether to force creation if the directory doesn't exist.\n\n```javascript\n// Example\n.storeIn('/data/app/dadi-ssl/certs', true)\n```\n\n#### `.autoRenew(autoRenew)`\n\nWhether to auto renew certificates two days before expiry.\n\nDefault: *true*\n\n```javascript\n// Example\n.autoRenew(true)\n```\n\n#### `.byteLength(length)`\n\nBytelength of certificate. Can be between 512 and 4096. Higher = more secure, but slower to generate. Certificates with 2048 are assumed to be uncompromisable until the year 2030.\n\nDefault: 2048\n\n```javascript\n// Example\n.byteLength(4096)\n```\n\n#### `.useEnvironment(environment)`\n\nSelect which letsencrypt environment to use. Can be useful when debugging or avoiding usage limits (20/day).\n\nOptions: `production`, `staging`\n\n```javascript\n// Example\n.useEnvironment('staging')\n```\n\n## Terminators\n\n#### `.start()`\n\nInitialises the process of creating certificates.\n\n```javascript\n// Example\nnew SSL()\n  .useDomains(['somedomain.com'])\n  .registerTo('webadmin@dadi.co')\n  .secureServerRestart(serverRestartFunction)\n  .useListeningServer(listeningServer)\n  .start()\n```\n\n#### `.getKey()`\n\nGet contents of the key file (domain.key). Useful for the `key` attribute of your server options.\n\n```javascript\nconst ssl = new SSL()\n\nssl.getKey()\n```\n\n#### `.getCertificate()`\n\nGet contents of the certificate chain file (chained.pem). Useful for the `certificate` attribute of your server options.\n\n```javascript\nconst ssl = new SSL()\n\nssl.getCertificate()\n```\n\n## Limitation\n\nLetsencrypt will allow a maximum of 20 requests per domain, per day. \n\nGeneration of certificates requests a response directly to the server that made the request which can't be guarenteed when using a load balancer.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdadi%2Fssl","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdadi%2Fssl","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdadi%2Fssl/lists"}