mirror of https://github.com/certd/certd
162e10909b
Small crypto docs fix 2 Small crypto docs fix Bump v5.3.1 Discourage use of cert subject common name, examples and docs Style refactor docs and examples Bump dependencies |
||
|---|---|---|
| .. | ||
| dns-01 | ||
| http-01 | ||
| tls-alpn-01 | ||
| README.md | ||
| api.js | ||
| auto.js | ||
| fallback.crt | ||
| fallback.key | ||
README.md
Disclaimer
These examples should not be used as is for any production environment, as they are just proof of concepts meant for testing and to get you started. The examples are naively written and purposefully avoids important topics since they will be specific to your application and how you choose to use acme-client, like for example:
- Concurrency control
- If implementing on-demand certificate generation
- What happens when multiple requests hit your domain at the same time?
- Ensure your application does not place multiple cert orders for the same domain at the same time by implementing some sort of exclusive lock
- Domain allow lists
- If implementing on-demand certificate generation
- What happens when someone manipulates the
ServerNameorHostheader to your service? - Ensure your application is unable to place certificate orders for domains you do not intend, as this can quickly rate limit your account and cause a DoS
- Clustering
- If using
acme-clientacross a cluster of servers - Ensure challenge responses are known to all servers in your cluster, perhaps using a database or shared storage
- If using
- Certificate and key storage
- Where and how should the account key be stored and read?
- Where and how should certificates and cert keys be stored and read?
- How and when should they be renewed?