From ce9c28fa2c886ff720ef76df9329136f72c77ee1 Mon Sep 17 00:00:00 2001
From: Iakhub Seitasanov <seitasanov.yahub@gmail.com>
Date: Sat, 14 Sep 2024 00:00:21 +0300
Subject: [PATCH] skip generating cert each time (#67122)

<!-- Thanks for opening a PR! Your contribution is much appreciated.
To make sure your PR is handled as smoothly as possible we request that
you follow the checklist sections below.
Choose the right checklist for the change(s) that you're making:

## For Contributors

### Improving Documentation

- Run `pnpm prettier-fix` to fix formatting issues before opening the
PR.
- Read the Docs Contribution Guide to ensure your contribution follows
the docs guidelines:
https://nextjs.org/docs/community/contribution-guide

### Adding or Updating Examples

- The "examples guidelines" are followed from our contributing doc
https://github.com/vercel/next.js/blob/canary/contributing/examples/adding-examples.md
- Make sure the linting passes by running `pnpm build && pnpm lint`. See
https://github.com/vercel/next.js/blob/canary/contributing/repository/linting.md

### Fixing a bug

- Related issues linked using `fixes #number`
- Tests added. See:
https://github.com/vercel/next.js/blob/canary/contributing/core/testing.md#writing-tests-for-nextjs
- Errors have a helpful link attached, see
https://github.com/vercel/next.js/blob/canary/contributing.md

### Adding a feature

- Implements an existing feature request or RFC. Make sure the feature
request has been accepted for implementation before opening a PR. (A
discussion must be opened, see
https://github.com/vercel/next.js/discussions/new?category=ideas)
- Related issues/discussions are linked using `fixes #number`
- e2e tests added
(https://github.com/vercel/next.js/blob/canary/contributing/core/testing.md#writing-tests-for-nextjs)
- Documentation added
- Telemetry added. In case of a feature if it's used or not.
- Errors have a helpful link attached, see
https://github.com/vercel/next.js/blob/canary/contributing.md


## For Maintainers

- Minimal description (aim for explaining to someone not on the team to
understand the PR)
- When linking to a Slack thread, you might want to share details of the
conclusion
- Link both the Linear (Fixes NEXT-xxx) and the GitHub issues
- Add review comments if necessary to explain to the reviewer the logic
behind a change

### What?

### Why?

### How?

Closes NEXT-
Fixes https://github.com/vercel/next.js/discussions/67120

-->

---------

Co-authored-by: JJ Kasper <jj@jjsweb.site>
---
 packages/next/src/lib/mkcert.ts               | 26 ++++++++++++++++---
 .../https-server.generated-key.test.ts        |  9 +++++++
 test/lib/next-modes/base.ts                   |  2 --
 3 files changed, 32 insertions(+), 5 deletions(-)

diff --git a/packages/next/src/lib/mkcert.ts b/packages/next/src/lib/mkcert.ts
index 5a2a7dc89ec7e..06eb46a369052 100644
--- a/packages/next/src/lib/mkcert.ts
+++ b/packages/next/src/lib/mkcert.ts
@@ -1,8 +1,9 @@
-import fs from 'fs'
-import path from 'path'
+import fs from 'node:fs'
+import path from 'node:path'
+import { X509Certificate, createPrivateKey } from 'node:crypto'
 import { getCacheDirectory } from './helpers/get-cache-directory'
 import * as Log from '../build/output/log'
-import { execSync } from 'child_process'
+import { execSync } from 'node:child_process'
 const { WritableStream } = require('node:stream/web') as {
   WritableStream: typeof global.WritableStream
 }
@@ -112,6 +113,25 @@ export async function createSelfSignedCertificate(
     const keyPath = path.resolve(resolvedCertDir, 'localhost-key.pem')
     const certPath = path.resolve(resolvedCertDir, 'localhost.pem')
 
+    if (fs.existsSync(keyPath) && fs.existsSync(certPath)) {
+      const cert = new X509Certificate(fs.readFileSync(certPath))
+      const key = fs.readFileSync(keyPath)
+
+      if (
+        cert.checkHost(host ?? 'localhost') &&
+        cert.checkPrivateKey(createPrivateKey(key))
+      ) {
+        Log.info('Using already generated self signed certificate')
+        const caLocation = execSync(`"${binaryPath}" -CAROOT`).toString().trim()
+
+        return {
+          key: keyPath,
+          cert: certPath,
+          rootCA: `${caLocation}/rootCA.pem`,
+        }
+      }
+    }
+
     Log.info(
       'Attempting to generate self signed certificate. This may prompt for your password'
     )
diff --git a/test/development/experimental-https-server/https-server.generated-key.test.ts b/test/development/experimental-https-server/https-server.generated-key.test.ts
index 82dc95332fe9c..c20fa2ff7864e 100644
--- a/test/development/experimental-https-server/https-server.generated-key.test.ts
+++ b/test/development/experimental-https-server/https-server.generated-key.test.ts
@@ -33,4 +33,13 @@ describe('experimental-https-server (generated certificate)', () => {
     const html = await renderViaHTTP(next.url, '/2', undefined, { agent })
     expect(html).toContain('Hello from Pages')
   })
+
+  it('should successfully reuse generated certificates', async () => {
+    await next.stop()
+    await next.start()
+    expect(next.url).toInclude('https://')
+    expect(next.cliOutput).toContain(
+      'Using already generated self signed certificate'
+    )
+  })
 })
diff --git a/test/lib/next-modes/base.ts b/test/lib/next-modes/base.ts
index bfff29d05d280..ed2ff87feab2d 100644
--- a/test/lib/next-modes/base.ts
+++ b/test/lib/next-modes/base.ts
@@ -79,8 +79,6 @@ export class NextInstance {
     this.env = {}
     Object.assign(this, opts)
 
-    require('console').log('packageJson??', this.packageJson)
-
     if (!isNextDeploy) {
       this.env = {
         ...this.env,