removing unecessary line

suggested changes
feat(xo-server): testing https to accept specific certificate
2024-02-14 09:57:56 +01:00 · 2024-02-12 11:21:32 +01:00 · 2024-02-08 09:46:20 +01:00
1 changed files with 52 additions and 0 deletions
--- a/scripts/trustCertificate.mjs
+++ b/scripts/trustCertificate.mjs
@@ -0,0 +1,52 @@
+#!/usr/bin/env node
+
+import https from 'node:https'
+import tls from 'node:tls'
+
+const [, , host, port = 443] = process.argv
+
+async function tryRequest(options) {
+  https
+    .request(options, res => {
+      console.log('statusCode:', res.statusCode)
+    })
+    .on('error', function (error) {
+      console.error('error:', error)
+    })
+    .end()
+}
+
+function getCertificate(options) {
+  return new Promise((resolve, reject) => {
+    tls
+      .connect(options, function () {
+        resolve(this.getPeerX509Certificate())
+        this.end()
+      })
+      .on('error', function (error) {
+        this.destroy()
+        reject(error)
+      })
+  })
+}
+
+// Trying request : it fails if self-signed certificate
+const options = { host, port, rejectUnauthorized: true, servername: host }
+console.log('\n-> Request with no certificate')
+tryRequest(options)
+
+// Asking for certificate
+const certificate = await getCertificate({ ...options, rejectUnauthorized: false })
+
+console.log('=> Certificate acquired')
+// console.log(certificate.subject, certificate.issuer, certificate.validFrom, certificate.validTo)
+// console.log(certificate.verify(certificate.publicKey))
+
+// Trying again with certificate
+console.log('\n-> Request using acquired certificate')
+tryRequest({
+  ...options,
+  ca: [...tls.rootCertificates, certificate.toString()],
+  // adding default ca with ...tls.rootCertificates avoids failing requests with other valid certificates, but it looks likes it also makes succeeding requests we want to fail (like https://pinning-test.badssl.com/)
+  // checkServerIdentity: () => {return undefined}, // for localhost
+})
Author	SHA1	Message	Date
b-Nollet	aa57fbf15b	removing unecessary line	2024-02-14 09:57:56 +01:00
b-Nollet	f89ef1db40	suggested changes	2024-02-12 11:21:32 +01:00
b-Nollet	fe4568bfe4	feat(xo-server): testing https to accept specific certificate	2024-02-08 09:46:20 +01:00