Skip to content

Commit

Permalink
feat: Add support for PFX or PKCS12 encoded certificates (#708)
Browse files Browse the repository at this point in the history
  • Loading branch information
schemburkar authored Jul 19, 2022
1 parent 36d60e7 commit 92fd640
Show file tree
Hide file tree
Showing 3 changed files with 31 additions and 16 deletions.
2 changes: 2 additions & 0 deletions source/utilities/cli.ts
Original file line number Diff line number Diff line change
Expand Up @@ -55,8 +55,10 @@ const helpText = chalkTemplate`
-S, --symlinks Resolve symlinks instead of showing 404 errors
--ssl-cert Optional path to an SSL/TLS certificate to serve with HTTPS
{grey Supported formats: PEM (default) and PKCS12 (PFX)}
--ssl-key Optional path to the SSL/TLS certificate\'s private key
{grey Applicable only for PEM certificates}
--ssl-pass Optional path to the SSL/TLS certificate\'s passphrase
Expand Down
43 changes: 27 additions & 16 deletions source/utilities/server.ts
Original file line number Diff line number Diff line change
Expand Up @@ -62,21 +62,31 @@ export const startServer = async (
};

// Create the server.
const useSsl = args['--ssl-cert'] && args['--ssl-key'];
const httpMode = useSsl ? 'https' : 'http';
const sslCert = args['--ssl-cert'];
const sslKey = args['--ssl-key'];
const sslPass = args['--ssl-pass'];
const serverConfig =
httpMode === 'https' && args['--ssl-cert'] && args['--ssl-key']
? {
key: await readFile(args['--ssl-key']),
cert: await readFile(args['--ssl-cert']),
passphrase: sslPass ? await readFile(sslPass, 'utf8') : '',
}
: {};
const server =
httpMode === 'https'
? https.createServer(serverConfig, serverHandler)
: http.createServer(serverHandler);
const isPFXFormat = sslCert && /[.](?<extension>pfx|p12)$/.exec(sslCert);
const useSsl = sslCert && (sslKey || sslPass || isPFXFormat);

let serverConfig: http.ServerOptions | https.ServerOptions = {};
if (useSsl && sslCert && sslKey) {
// Format detected is PEM due to usage of SSL Key and Optional Passphrase.
serverConfig = {
key: await readFile(sslKey),
cert: await readFile(sslCert),
passphrase: sslPass ? await readFile(sslPass, 'utf8') : '',
};
} else if (useSsl && sslCert && isPFXFormat) {
// Format detected is PFX.
serverConfig = {
pfx: await readFile(sslCert),
passphrase: sslPass ? await readFile(sslPass, 'utf8') : '',
};
}

const server = useSsl
? https.createServer(serverConfig, serverHandler)
: http.createServer(serverHandler);

// Once the server starts, return the address it is running on so the CLI
// can tell the user.
Expand All @@ -101,8 +111,9 @@ export const startServer = async (
else address = details.address;
const ip = getNetworkAddress();

local = `${httpMode}://${address}:${details.port}`;
network = ip ? `${httpMode}://${ip}:${details.port}` : undefined;
const protocol = useSsl ? 'https' : 'http';
local = `${protocol}://${address}:${details.port}`;
network = ip ? `${protocol}://${ip}:${details.port}` : undefined;
}

return {
Expand Down
2 changes: 2 additions & 0 deletions tests/__snapshots__/cli.test.ts.snap
Original file line number Diff line number Diff line change
Expand Up @@ -44,8 +44,10 @@ exports[`utilities/cli > render help text 1`] = `
-S, --symlinks Resolve symlinks instead of showing 404 errors
--ssl-cert Optional path to an SSL/TLS certificate to serve with HTTPS
Supported formats: PEM (default) and PKCS12 (PFX)
--ssl-key Optional path to the SSL/TLS certificate's private key
Applicable only for PEM certificates
--ssl-pass Optional path to the SSL/TLS certificate's passphrase
Expand Down

0 comments on commit 92fd640

Please sign in to comment.