A blueprint module for Greenlock (TM).

Usage no npm install needed!

<script type="module">
  import onehilltechBlueprintGreenlock from 'https://cdn.skypack.dev/@onehilltech/blueprint-greenlock';



A blueprint module for GreenlockTM.

npm version Build Status Dependencies Coverage Status

  • Seamlessly integrates Blueprint application with Let's Encrypt.
  • Automatically renews certificates within specified time window.
  • Minimal configuration needed.
  • Supports specialization of workflow entities.


yarn add @onehilltech/blueprint-greenlock


npm install @onehilltech/blueprint-greenlock --save

Getting Started

Server Configuration

Update the server configuration to use the GreenlockTM protocol.

// app/configs/server.js

module.exports = {
  connections : {
    greenlock : { 
      protocol: 'greenlock',
      // optional configuration for redirect-https
      redirect: {
      // optional configuration for tls
      tls: { 
      // optional configuration for https connection
      https: {

Basic Approvals

Create the GreenlockTM configuration file.

// app/configs/greenlock.js

module.exports = {
  /// Your list of domains supported by application.
  domains: ['greenlock.onehilltech.com'],
  /// Your contact email address.
  email: 'contact@onehilltech.com',
  /// Use basic strategy for approving domains.
  approveDomains: 'basic'

Custom Approvals

The basic configuration works well when you have one or more domains that all have the same configuration and approval. If you are in a situation where different domains have different configurations and/or approvals then you need to implement a custom configuration.

// app/greenlock/approve-domains.js

const { ApproveDomains } = require ('@onehilltech/blueprint-greenlock');

 * A custom implementation for approving domains. 
module.exports = ApproveDomains.extend ({
  approveDomains (options, certs) {
    // maybe lookup options.domain in a database.

The custom configuration must be located in app/greenlock/approve-domains. Otherwise the module will not be able to locate it.

The custom domain approval class must implement approveDomains. This method must return { options, certs }, or a Promise that resolves { options, certs }. If the domain is not approved, then this method must return Promise.reject (new Error (...)).

Next, update the greenlock configuration to use custom domain approvals.

// app/configs/greenlock.js

module.exports = {
  /// Use custom strategy for approving domains.
  approveDomains: 'custom'

Happy Coding!