UNPKG

@hero64/testserve

Version:

A simple port-sharing proxy for development on multiple local domains, supports websockets

75 lines (64 loc) 2.56 kB
const fs = require("mz/fs"); const childProcess = require("mz/child_process"); const os = require("os"); const platform = os.platform(); const CONFIG_DIR = `${process.env.HOME}/.testserve`; function run(binary, args, options) { const cp = childProcess.spawn(binary, args, options); return new Promise((resolve, reject) => { cp.on("close", code => { if (code === 0) { resolve(); } else { reject(new Error(`${binary} exited with status '${code}'`)); } }); }); } exports.createSSLCertificateFor = async function createSSLCertificateFor(hostname) { if (!hostname || !hostname.match(/^[a-z0-9][a-z0-9-_.]+$/)) { throw new Error(`Unsupported hostname '${hostname}' (hints: use lower case; only alphanumeric, hyphen, underscore, dot; must start alphanumeric)`); } const configSrc = `${CONFIG_DIR}/${hostname}.ssl.cnf`; const keyDest = `${CONFIG_DIR}/${hostname}.ssl.key`; const certDest = `${CONFIG_DIR}/${hostname}.ssl.crt`; await fs.writeFile(configSrc, `\ [req] distinguished_name = req_distinguished_name x509_extensions = v3_req prompt = no [req_distinguished_name] CN = ${hostname} [v3_req] keyUsage = keyEncipherment, dataEncipherment extendedKeyUsage = serverAuth subjectAltName = @alt_names [alt_names] DNS.1 = ${hostname} DNS.2 = ${hostname}.test DNS.3 = ${hostname}.dev DNS.4 = ${hostname}.test `); await run("openssl", ["req", "-new", "-newkey", "rsa:2048", "-sha1", "-days", "3650", "-nodes", "-x509", "-keyout", keyDest, "-out", certDest, "-config", configSrc]); await fs.unlink(configSrc); console.log("SSL certificate successfully generated"); if (platform === "darwin") { console.log(`\ ================================================================================ We'll open Keychain Access in a moment. Here are the instructions what to do: 1. Click "Add" 2. Find the certificate (e.g. "${hostname}") in the "Certificates" category, select it, and click the [i] button at the bottom 3. In the popup window, click the ▶ button to the left of 'Trust', and select 'Always Trust' for 'When using this certificate:'. 4. Close the popup window. 5. When prompted, enter your password again and click Update Settings. 6. Quit Keychain Access. Press enter to continue `); await run("open", ["-a", "/Applications/Utilities/Keychain Access.app", certDest]); } else { console.log(`We don't have instructions for '${platform}' yet (PRs are welcome!); you need to add '${certDest}' as a trusted certificate`); } }; //# sourceMappingURL=ssl.js.map