Zero-Dependencies Pure TypeScript ACME Client

4 Likes

I keep forget that JS/TS now have server side usage

2 Likes

I'm particularly proud of the CSR generation. It's something I never imagined myself implementing, but after hours of deep-diving into ASN.1 syntax, countless trial-and-error attempts, and reading through hundreds of octets, here we are!

I feel this so much. ASN.1 is a PITA.

DNS-01 Challenge only: We focus on the DNS-01 challenge type, which we believe is the most versatile.

I feel the same way. I'm curious though, is your intention that the users will always have to manage their own DNS records either by hand or write their own code to automate it? Or were you planning on adding some level of support for popular DNS providers? The big reason http-01 is so popular is that it's typically easier to automate because there are no external systems or APIs involved.

5 Likes

In fact, you can still use http-01 with this client / library. The way the challenge token is digested is the same. AcmeChallenge - @fishballpkg/acme - JSR

We say that we support DNS-01 exclusively as that's the only challenge we test with. And it is the only challenge we need in our other projects that uses this library.

:smiley:

2 Likes

Any chance of adding ACME Renewal Info to the roadmap?

4 Likes

currently you can find out the validity of the cert generated. what other information would you like to see in the future?

See draft-ietf-acme-ari-06 - Automated Certificate Management Environment (ACME) Renewal Information (ARI) Extension. ARI is a method to let ACME clients know they need to renew early.

5 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.