UNPKG

bun-types

Version:

Type definitions and documentation for Bun, an incredibly fast JavaScript runtime

bun.com

oven-sh/bun

102 lines (82 loc) 2.41 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
--- title: TLS description: Enable TLS in Bun.serve --- Bun supports TLS out of the box, powered by [BoringSSL](https://boringssl.googlesource.com/boringssl). Enable TLS by passing in a value for `key` and `cert`; both are required to enable TLS. ```ts Bun.serve({ tls: { key: Bun.file("./key.pem"), // [!code ++] cert: Bun.file("./cert.pem"), // [!code ++] }, }); ``` The `key` and `cert` fields expect the _contents_ of your TLS key and certificate, _not a path to it_. This can be a string, `BunFile`, `TypedArray`, or `Buffer`. ```ts Bun.serve({ tls: { key: Bun.file("./key.pem"), // BunFile key: fs.readFileSync("./key.pem"), // Buffer key: fs.readFileSync("./key.pem", "utf8"), // string key: [Bun.file("./key1.pem"), Bun.file("./key2.pem")], // array of above }, }); ``` ### Passphrase If your private key is encrypted with a passphrase, provide a value for `passphrase` to decrypt it. ```ts Bun.serve({ tls: { key: Bun.file("./key.pem"), cert: Bun.file("./cert.pem"), passphrase: "my-secret-passphrase", // [!code ++] }, }); ``` ### CA Certificates Optionally, you can override the trusted CA certificates by passing a value for `ca`. By default, the server will trust the list of well-known CAs curated by Mozilla. When `ca` is specified, the Mozilla list is overwritten. ```ts Bun.serve({ tls: { key: Bun.file("./key.pem"), // path to TLS key cert: Bun.file("./cert.pem"), // path to TLS cert ca: Bun.file("./ca.pem"), // path to root CA certificate // [!code ++] }, }); ``` ### Diffie-Hellman To override Diffie-Hellman parameters: ```ts Bun.serve({ tls: { dhParamsFile: "/path/to/dhparams.pem", // path to Diffie Hellman parameters // [!code ++] }, }); ``` --- ## Server name indication (SNI) To configure the server name indication (SNI) for the server, set the `serverName` field in the `tls` object. ```ts Bun.serve({ tls: { serverName: "my-server.com", // SNI // [!code ++] }, }); ``` To allow multiple server names, pass an array of objects to `tls`, each with a `serverName` field. ```ts Bun.serve({ tls: [ { key: Bun.file("./key1.pem"), cert: Bun.file("./cert1.pem"), serverName: "my-server1.com", // [!code ++] }, { key: Bun.file("./key2.pem"), cert: Bun.file("./cert2.pem"), serverName: "my-server2.com", // [!code ++] }, ], }); ```