Infrastructure/verdaccio
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-01-06 22:40:26 -05:00
Code Issues Activity

Merge pull request #360 from wiggisser/master

Browse source 
Support pfx certificates
This commit is contained in:
Juan Picado @jotadeveloper 2017-10-18 22:12:10 +02:00 committed by GitHub
commit e5a2c327f7
1 changed files with 22 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
src/lib/cli.js
View file

@ -116,15 +116,18 @@ function afterConfigLoad() {
const app = server(config); const app = server(config);
get_listen_addresses().forEach(function(addr) { get_listen_addresses().forEach(function(addr) {
let webServer; let webServer;
if (addr.proto === 'https') { // https if (addr.proto === 'https') { // https must either have key cert and ca or a pfx and (optionally) a passphrase
if (!config.https || !config.https.key || !config.https.cert || !config.https.ca) { if (!config.https || !((config.https.key && config.https.cert && config.https.ca) || config.https.pfx)) {
let conf_path = function(file) { let conf_path = function(file) {
if (!file) return config_path; if (!file) return config_path;
return Path.resolve(Path.dirname(config_path), file); return Path.resolve(Path.dirname(config_path), file);
}; };
logger.logger.fatal([ logger.logger.fatal([
'You need to specify "https.key", "https.cert" and "https.ca" to run https server', 'You need to specify either ',
' "https.key", "https.cert" and "https.ca" or ',
' "https.pfx" and optionally "https.passphrase" ',
'to run https server',
'', '',
// commands are borrowed from node.js docs // commands are borrowed from node.js docs
'To quickly create self-signed certificate, use:', 'To quickly create self-signed certificate, use:',
@ -143,13 +146,24 @@ function afterConfigLoad() {
} }
try { try {
webServer = https.createServer({ const httpsOptions = {
secureProtocol: 'SSLv23_method', // disable insecure SSLv2 and SSLv3 secureProtocol: 'SSLv23_method', // disable insecure SSLv2 and SSLv3
secureOptions: constants.SSL_OP_NO_SSLv2 | constants.SSL_OP_NO_SSLv3, secureOptions: constants.SSL_OP_NO_SSLv2 | constants.SSL_OP_NO_SSLv3,
key: fs.readFileSync(config.https.key), };
cert: fs.readFileSync(config.https.cert),
ca: fs.readFileSync(config.https.ca), if (config.https.pfx) {
}, app); Object.assign(httpsOptions, {
pfx: fs.readFileSync(config.https.pfx),
passphrase: config.https.passphrase || '',
});
} else {
Object.assign(httpsOptions, {
key: fs.readFileSync(config.https.key),
cert: fs.readFileSync(config.https.cert),
ca: fs.readFileSync(config.https.ca),
});
}
webServer = https.createServer(httpsOptions, app);
} catch (err) { // catch errors related to certificate loading } catch (err) { // catch errors related to certificate loading
logger.logger.fatal({err: err}, 'cannot create server: @{err.message}'); logger.logger.fatal({err: err}, 'cannot create server: @{err.message}');
process.exit(2); process.exit(2);