🥳 Minor releases

• Auto Encrypt 5.1.0: Moves automatic IP address detection from top-level await to asynchronous createServer() method to enable servers that import to run offline when they’re running on localhost) and exports IPAddresses class so servers can carry out their own automatic IP address detection (IPv4 and IPv6) if they want full control over exactly which domains and IP addresses are included in provisioned TLS certificates.¹

• @small-tech/https: Re-exports IPAddresses class so servers (like Kitten²) can have full control over exactly which domains and IP addresses are included in provisioned TLS certificates.³

¹ https://codeberg.org/small-tech/auto-encrypt/src/branch/main/CHANGELOG.md#5-1-0-2026-01-21
² https://kitten.small-web.org
³ https://codeberg.org/small-tech/https/src/branch/main/CHANGELOG.md#6-1-0-2026-01-21

#SmallWeb #SmallTech #AutoEncrypt #https #releaseUpdates

🥳 Multiple major releases today

• @small-tech/auto-encrypt v5.0.0 (https://codeberg.org/small-tech/auto-encrypt#readme)
• @small-tech/auto-encrypt-localhost v10.0.0 (https://codeberg.org/small-tech/auto-encrypt-localhost/#readme)
• @small-tech/https v6.0.0 (https://codeberg.org/small-tech/https/#readme)

These releases bring short-lived certificates, IP Address (IPv4 and IPv6) support, and ACME Renewal Information (ARI) support to Auto Encrypt and @small-tech/https, implement a consistent asynchronous API across all three packages, and include loads of little fixes and code quality improvements.

This brings us very close to getting Web Numbers¹ support implemented natively in Kitten².

OCSP support is removed from Auto Encrypt and Windows support is dropped from all three packages as Microsoft is complicit in Israel’s genocide of the Palestinian people³ and Small Technology Foundation⁴ stands in solidarity with the Boycott, Divestment, and Sanctions (BDS) movement. Furthermore, Windows is an ad-infested and surveillance-ridden dumpster fire of an operating system and, alongside supporting genocide, you are putting both yourself and others at risk by using it.

Enjoy!

💕

🇵🇸 To support families facing genocide in Gaza, consider donating to them via Gaza Verified: https://gaza-verified.org/donate/

¹ https://ar.al/2025/06/25/web-numbers/
² https://kitten.small-web.org/
³ https://www.bdsmovement.net/microsoft
⁴ https://small-tech.org/

#SmallWeb #SmallTech #AutoEncrypt #AutoEncryptLocalhost #https #TLS #NodeJS #web #dev #ACME #LetsEncrypt #WebNumbers #Kitten #BDS #Palestine #Gaza #FreePalestine

Yay, first shot of Auto Encrypt¹ running a HTTPS web server at a Web Number (IP address).

https://ar.al/2025/06/25/web-numbers/

Next step: find out why some of the tests are failing on the Linux box, fix, and implement Web Numbers support in Kitten² and Catalyst³.

¹ https://codeberg.org/small-tech/auto-encrypt#readme
² https://kitten.small-web.org
³ https://catalyst.small-web.org/

#WebNumbers #SmallWeb #AutoEncrypt #Kitten #Catalyst #peerToPeer #web #dev

Just added Web Reachability API (at least that’s what I’m calling it) support to https://ip.small-web.org.

It’s for testing the reachability of your Small Web servers (using a domain or, more importantly, an IPv4/IPv6 address). I’m using it to implement Web Numbers¹ support in Auto Encrypt² and Kitten³.

Protocol:

• At http://<endpoint> return an empty HTTP 200 response that includes the following custom header: 'web-reachability-id': ‘<uuid>'
• Hit: https://ip.small-web.org/reach/<endpoint>/<uuid>/
• If you get a 200 response back, your endpoint is reachable. Anything else signals an error.

Enjoy! 💕

¹ https://ar.al/2025/06/25/web-numbers/
² https://codeberg.org/small-tech/auto-encrypt
³ https://kitten.small-web.org

#WebReachabilityAPI #WebNumbers #IpAddresses #reachability #Kitten #AutoEncrypt #SmallWeb #peerToPeerWeb #SmallTech

Just requested that Auto Encrypt¹ is added to the list of @letsencrypt clients for Node.js and that Kitten² is added to the list of projects that integrate Let’s Encrypt support:

• https://github.com/letsencrypt/website/pull/1921
• https://github.com/letsencrypt/website/pull/1922

I originally requested that Auto Encrypt and Site.js (the precursor to Kitten, now sunset) be added to the list in 2021. It was not approved (no reason given), so hopefully this time will be different.

https://github.com/letsencrypt/website/pull/1203

¹ https://codeberg.org/small-tech/auto-encrypt
² https://kitten.small-web.org

#SmallWeb #SmallTech #AutoEncrypt #Kitten #LetsEncrypt #NodeJS #ACME

🔒 Auto Encrypt – heads up!

In the next minor version release of Auto Encrypt¹, we’ll be moving from a hard-coded date-based certificate renewal check to using ACME Renewal Information (ARI)².

The change³ should be seamless.

If you have any concerns, now is the time to raise them :)

#AutoEncrypt #TLS #LetsEncrypt #SmallTech #SmallWeb

¹ Drop-in Node.js https server replacement that automatically provisions and renews Let’s Encrypt certificates for you. (https://codeberg.org/small-tech/auto-encrypt#auto-encrypt)
² https://datatracker.ietf.org/doc/draft-ietf-acme-ari/
³ https://codeberg.org/small-tech/auto-encrypt/src/branch/main/CHANGELOG.md#4-4-0-2025

👋🤓 Goodbye Site.js, Hello Kitten!

I started working on creating a Small Web¹ server (a peer-to-peer Web server) six years ago² with Site.js.

Building Site.js was my first attempt. And it resulted in:

• Auto Encrypt (automatic Let’s Encrypt certificates): https://codeberg.org/small-tech/auto-encrypt

• Auto Encrypt Localhost (automatic localhost TLS certificates): https://codeberg.org/small-tech/auto-encrypt-localhost

• @small-tech/https (drop-in Node.js https module replacement with automatic TLS certs everywhere): https://codeberg.org/small-tech/https

• JSDB: In-process, in-memory JavaScript database that persists to append-only JavaScript logs: https://codeberg.org/small-tech/jsdb

As Site.js reached an evolutionary dead-end, and as I learned from my experiements with replicated data types that replicated data types are *not* a prerequisite for a decentralised web (actual topological decentralisation and ease of use are), I started writing a new server/platform called Kitten from scratch while still making use of the tried and tested modules listed above.

Last week, I switched over our last site using Site.js to Kitten and, with that, today I’ve sunset³ Site.js:

https://sitejs.org

For its successor, please see Kitten:

https://kitten.small-web.org

If you want to support our work at the Small Technology Foundation, please consider becoming a patron:

https://small-tech.org/fund-us

:kitten:💕

¹ https://ar.al/2024/06/24/small-web-computer-science-colloquium-at-university-of-groningen/
² https://ar.al/2019/08/26/introducing-small-technology-foundation/
³ Using our instance of Look Over There!: https://look-over-there.small-web.org

#SiteJS #SmallWeb #SmallTech #peerToPeerWeb #SmallTechnologyFoundation #AutoEncrypt #AutoEncryptLocalhost #JSDB #JavaScriptDatabase #https #TLS

New releases

• Kitten (rolling release)
• @small-tech/https version 5.3.2
• Auto Encrypt version 4.1.3

OCSP support has been reinstated in the server so existing sites with Let’s Encrypt certificates provisioned prior to the removal of the OCSP stapling requirement will not fail to load in Firefox.

Kitten servers in production will automatically update to this version in a few hours. You can also sign in to the Kitten settings page on your server and do a manual update to update Kitten immediately.

Thanks to @stefan and @s1r83r for bringing this to my attention. (https://mastodon.ar.al/@aral/113969540950647873)

#Kitten #SmallWeb #SmallTech #AutoEncrypt #TLS #SSL #HTTPS #OCSP #LetsEncrypt #web #dev #NodeJS #JavaScript

New Kitten release

• Upgrades to version 5.3.1 of @small-tech/https¹ which has version 4.1.2 of Auto Encrypt² that l removes OCSP stapling (because Let’s Encrypt has removed OCSP support).

Please upgrade your Kitten as soon as possible or any new Kitten servers you try to set up will fail and any certificate renewals for existing servers will start to fail in May.

https://kitten.small-web.org

(To upgrade, run `kitten update`. Your production servers will update automatically.)

Enjoy!

:kitten:💕

¹ https://www.npmjs.com/package/@small-tech/https
² https://www.npmjs.com/package/@small-tech/auto-encrypt

#Kitten #SmallWeb #SmallTech #web #dev #TLS #HTTPS #AutoEncrypt #NodeJS #JavaScript #OCSP #LetsEncrypt

@small-tech/https version 5.3.0 released

• Uses Auto Encrypt 4.1.1 (removes OCSP stapling support because Let]s Encrypt has removed OCSP support).

https://www.npmjs.com/package/@small-tech/https

This module is a drop in replacement for Node HTTPS module that automatically handles TLS certificate provisioning and renewal both at localhost (via Auto Encrypt Localhost¹) and at hostname (via Auto Encrypt with Let’s Encrypt certificates²).

So, this is how you create a HTTPS server in Node.js that uses this module and automatically handles TLS certificate provisioning and renewal for you both at localhost (during development) and at hostname (during production):

```js
import https from '@small-tech/https'

const server = https.createServer((request, response) => {
response.end('Hello, world!')
})

server.listen(443, () => {
console.log(' 🎉 Server running at https://localhost.')
})
```

(Yes, that’s it! I wrote a metric shit-tonne of meticulously-tested code so you don’t have to.) :)

💡 Note that the localhost certificate support via Auto Encrypt Localhost is 100% JavaScript and does NOT rely on an external binary like mkcert or certutil.

Needless to say, Kitten³ uses this module under the hood and it’s a big part of why Domain⁴ can deploy servers so easily that don’t require any day-to-day maintenance.

In case you’re wondering why I’m spending so much time releasing all these modules, it’s because I believe in sharing every brick of the house I’m building so others can easily build different houses if they want to. I’m not saying that what I’m building with Kitten, Domain, and Place⁵ will be the end all be all of the Small Web⁶ (the peer-to-peer web). And I want others to be able to experiment by building their own tools without having to go through the grueling development process I’ve had to in the past six years to build basic infrastructure.

Enjoy!

💕

¹ https://codeberg.org/small-tech/auto-encrypt-localhost
² https://codeberg.org/small-tech/auto-encrypt
³ https://kitten.small-web.org
⁴ https://codeberg.org/domain/app
⁵ https://codeberg.org/place/app
⁶ https://ar.al/2024/06/24/small-web-computer-science-colloquium-at-university-of-groningen/

#SmallWeb #SmallTech #AutoEncrypt #LetsEncrypt #localhost #TLS #SSL #HTTPS #Kitten #NodeJS #JavaScript #servers #web #dev #FOSS

Auto Encrypt version 4.1.1 released

Fixed:

• User agent string now includes the correct Auto Encrypt version (and the name fragment “auto-encrypt” instead of “acme”).

• Tests now send `Connection: close` header so they’re not tripped up by the default `keep-alive` introduced in Node 19.

https://www.npmjs.com/package/@small-tech/auto-encrypt

#SmallWeb #SmallTech #AutoEncrypt #LetsEncrypt #TLS #SSL #HTTPS #NodeJS #JavaScript #servers #web #dev #FOSS

Auto Encrypt version 4.1.0 released

• Removes OCSP stapling, as Let’s Encrypt is removing OCSP support.

If you’re already using Auto Encrypt upgrade before May or your certificate renewals will start to fail. Upgrade now if you want to get certificates for new domains as new certificate requests are already failing.

https://codeberg.org/small-tech/auto-encrypt#readme

Auto Encrypt automatically provisions and renews Let’s Encrypt TLS certificates on Node.js https servers (including Kitten¹, Polka, Express.js, etc.)

Regular Node.js HTTPS server (without Let’s Encrypt certificates):

```js
import https from 'node:https'
const server = https.createServer(…)
```

Auto Encrypt https server with automatic Let’s Encrypt certificates:

```js
import AutoEncrypt from '@small-tech/auto-encrypt'
const server = AutoEncrypt.https.createServer(…)
```

(Certificates are provisioned on first hit and automatically renewed 30 days before expiry.)

¹ https://kitten.small-web.org

#AutoEncrypt #LetsEncrypt #TLS #SSL #HTTPS #NodeJS #JavaScript #servers #web #dev #SmallWeb #SmallTech #FOSS

So I guess Let’s Encrypt has decided what I’ll be working on today then…

https://letsencrypt.org/2024/12/05/ending-ocsp/

(They’re ending OCSP stapling support. I’ll be updating Auto Encrypt¹ to remove OCSP support and then update @small-tech/https, which uses it, along with Auto Encrypt Localhost² to provide seamless TLS support regardless of whether you’re working in development or in production, and then update Site.js³ – deprecated but still used to serve some of our own sites at Small Technology Foundation⁴ – and Kitten⁵, with the latest @small-tech/https.)

¹ https://codeberg.org/small-tech/auto-encrypt
² https://codeberg.org/small-tech/auto-encrypt-localhost
³ https://codeberg.org/small-tech/https
⁴ https://small-tech.org
⁵ https://kitten.small-web.org

#SmallWeb #SmallTech #TLS #SSL #HTTPS #LetsEncrypt #OCSP #AutoEncrypt #AutoEncryptLocalhost #SiteJS #Kitten

Just released v4.0.0 of Auto Encrypt (Automatically-provisioned TLS certificates for Node.js servers using Let’s Encrypt.)

This is a semver major release that requires Node.js LTS 18.2+.

https://codeberg.org/small-tech/auto-encrypt

#NodeJS #AutoEncrypt #TLS #SSL #LetsEncrypt #JavaScript #JS #SmallTech #SmallWeb #web #dev

It’s lovely to see projects like https://immers.space using Auto Encrypt (@small-tech/auto-encrypt). If you know of any others, do let me know. I’d love to mention them in the readme and in my talks.

https://codeberg.org/small-tech/auto-encrypt

#autoEncrypt #smallWeb #smallTech #tls #https #letsEncrypt #web #dev #nodeJS

Folks, if you’re using @small-tech/auto-encrypt in your projects, please make sure you’re running the latest version of the package (3.1.0) or certificate provisioning/renewal will fail due to the latest Let’s Encrypt protocol update.

https://codeberg.org/small-tech/auto-encrypt/src/branch/main/CHANGELOG.md#3-1-0-2022-06-07

#tls #https #letsEncrypt #autoEncrypt #js #javaScript #nodeJS #web #dev #smallWeb #smallTech

Just released Auto Encrypt version 2.0.6

(Auto Encrypt provides automatic Let’s Encrypt certificate provisioning for Node.js)

- Fixes an assignment to constant that would have crashed when a `Retry-After` header was received from Let’s Encrypt.

- Also improves developer documentation.

npm i @small-tech/auto-encrypt

https://github.com/small-tech/auto-encrypt

#AutoEncrypt #SmallTech #NodeJS #js

Just released version 1.3.0 of @small-tech/https, a drop-in replacement for the Node.js https module that automatically provisions Let’s Encrypt and localhost certificates.

https://github.com/small-tech/https

To use:

const https = require('@small-tech/https')
https.createServer(…)

This version includes the automatic HTTP to HTTPS redirection in the latest Auto Encrypt.

#NodeJS #https #SmallTech #SmallWeb #TLS #LetsEncrypt #AutoEncrypt

Auto Encrypt is the easiest way to create a Node.js secure server that Just Works™

// Regular server:
const https = require('https')
https.createServer(…)

// Auto-Encrypted server:
const AutoEncrypt = require('@small-tech/auto-encrypt')
AutoEncrypt.https.createServer(…)

https://github.com/small-tech/auto-encrypt

#SmallTech #LetsEncrypt #NodeJS #AutoEncrypt