Skip to content

Commit f2383e8

Browse files
ermshipereteermshiperete
authored
Fix formatting of README
1 parent 706d854 commit f2383e8

1 file changed

Lines changed: 12 additions & 11 deletions

File tree

README.md

Lines changed: 12 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -7,14 +7,14 @@ having to install any software or having to share your private keys with anyone.
77
It uses the non-profit [Let's Encrypt](https://letsencrypt.org/) certificate
88
authority to issue the free certificates. Hooray for free certs!
99

10-
##Donate
10+
## Donate
1111

1212
If this script is useful to you, please donate to the EFF. I don't work there,
1313
but they do fantastic work.
1414

1515
[https://eff.org/donate/](https://eff.org/donate/)
1616

17-
##How to use this website
17+
## How to use this website
1818

1919
Go to: https://gethttpsforfree.com
2020

@@ -35,14 +35,14 @@ These should all be installed by default in Linux and Mac OSX. If you're
3535
running Windows, you might need to install [Cygwin](https://cygwin.com/install.html)
3636
to get openssl and echo working on Windows.
3737

38-
##How this website works
38+
## How this website works
3939

4040
This website works by making requests to the Let's Encrypt [API](https://acme-v01.api.letsencrypt.org)
4141
(using the [ACME](https://github.com/ietf-wg-acme/acme) protocol). There's 5 steps to the process,
4242
which are explained below. Also, I encourage you to read the source code (it's not that long) and
4343
pop open your browser's debugger to see the ajax requests that are going on. Please, audit this!
4444

45-
###Step 1: Account Info
45+
### Step 1: Account Info
4646

4747
First, the ACME protocol requires you register a public key and contact information
4848
so you can sign all the requests you make to the API. In this step, you need to
@@ -80,15 +80,15 @@ This step converts it to this JWK:
8080
}
8181
```
8282

83-
###Step 2: Certificate Signing Request
83+
### Step 2: Certificate Signing Request
8484

8585
Second, you need to specify the domains you want certificates for. That's done
8686
through a certificate signing request ([CSR](https://en.wikipedia.org/wiki/Certificate_signing_request)).
8787
The javascript in this section uses the [ASN1.js](https://lapo.it/asn1js/) library
8888
to parse the CSR and read the domains. NOTE: the private key for the domain cert
8989
cannot be the same as your account private key, according to ACME.
9090

91-
###Step 3: Sign API Requests
91+
### Step 3: Sign API Requests
9292

9393
Third, you need tell the Let's Encrypt API that you want to register and get certs
9494
for some domains. These requests must be signed with your account private key, so
@@ -97,6 +97,7 @@ challenges for each domain, so if you want both `example.com` and `www.example.c
9797
need to make two new-authz calls.
9898

9999
Here's the list of requests that need to be made to the API:
100+
100101
* `/acme/new-reg` - Register the account public key (discarded if already registered)
101102
* `/acme/new-authz` - Asks for challenges for the domain for which you want a cert.
102103
* `/acme/new-authz` - (...needs to be called for each domain)
@@ -121,7 +122,7 @@ ajax requests to the above endpoints for `new-reg` and each `new-authz`. If the
121122
account public key has already been registered the `new-reg` response is a 409
122123
Conflict, which is ignored.
123124

124-
###Step 4: Verify Ownership
125+
### Step 4: Verify Ownership
125126

126127
The response for each `/new-authz` has some challenges you need perform to
127128
prove you own the domain. The challenge that this website chooses is "http-01",
@@ -146,13 +147,13 @@ challenge url to tell Let's Encrypt to verify the domain. Once this is done for
146147
all the domains in your CSR, an ajax request is made to `/new-cert` with the
147148
previously signed payload from step 3.
148149

149-
###Step 5: Install Certificate
150+
### Step 5: Install Certificate
150151

151152
The response from `/new-cert` should be your new certificate! Congrats! This
152153
step prints the certificate and also prints the intermediate certificate you
153154
need to chain this certificate to the root certificate.
154155

155-
##Privacy
156+
## Privacy
156157

157158
This website is entirely static files and only makes ajax requests to the
158159
Let's Encrypt API. It does not track or remember anything when you leave.
@@ -163,7 +164,7 @@ Finally, since this website is completely static, it's un-hostable! Just
163164
right-click and "Save Page As...", save the complete website to your local
164165
computer, then open it in a browser. It still works when hosted locally!
165166

166-
##Feedback/Contributing
167+
## Feedback/Contributing
167168

168169
I'd love to receive feedback, issues, and pull requests to make this script
169170
better. The main script itself, `js/index.js`, is less than 800 lines of code, so
@@ -177,7 +178,7 @@ TODO (pull requests welcome):
177178
* ~~Installation instructions for Apache~~
178179
* Accept GPG public keys as account public keys
179180

180-
##What's NOT on the Roadmap
181+
## What's NOT on the Roadmap
181182

182183
* Third party libraries (asn1.js is the only one)
183184
* Fonts or images

0 commit comments

Comments
 (0)