xen-orchestra/@xen-orchestra/self-signed
2024-01-30 09:51:24 +01:00
.npmignore feat: unified .npmignore for all packages 2021-04-07 13:58:14 +02:00
.USAGE.md feat(self-signed): readCert utility (#7282) 2024-01-16 16:58:15 +01:00
index.js feat(self-signed): improve compat with OpenSSL 3 2022-05-27 12:56:55 +02:00
package.json feat: technical release (#7341) 2024-01-30 09:51:24 +01:00
readCert.js feat(self-signed): readCert utility (#7282) 2024-01-16 16:58:15 +01:00
README.md feat(self-signed): readCert utility (#7282) 2024-01-16 16:58:15 +01:00

@xen-orchestra/self-signed


Minimalist wrapper around OpenSSL to generate a self-signed certificate

Install

Installation of the npm package:

npm install --save @xen-orchestra/self-signed

Usage

genSelfSigned()

Generate a self-signed cert/key pair with OpenSSL.

import { genSelfSigned } from '@xen-orchestra/self-signed'

console.log(
  await genSelfSigned({
    // Number of days this certificate will be valid.
    //
    // Default: 360
    days: 600,
  })
)
// {
//   cert: '-----BEGIN CERTIFICATE-----\n' +
//     // content…
//     '-----END CERTIFICATE-----\n',
//   key: '-----BEGIN RSA PRIVATE KEY-----\n' +
//     // content…
//     '-----END RSA PRIVATE KEY-----\n'
// }

readCert()

Reads a cert/key pair from the filesystem. If the pair is missing or invalid, generates a new one and writes it to the filesystem.

import https from 'node:https'
import { readCert } from '@xen-orchestra/self-signed/readCert'

const { cert, key } = await readCert('path/to/cert.pem', 'path/to/key.pem', {
  // if false, do not generate a new one in case of error
  autoCert: false,

  // this function is called in case a new pair is generated
  info: console.log,

  // mode used when creating files or directories after generating a new pair
  mode: 0o400,

  // this function is called when there is a non-fatal error (fatal errors are thrown)
  warn: console.warn,
})

// unfortunately some cert/key issues are detected only when attempting to use them
//
// that's why you can pass a `use` function to `readCert` that will receive the pair;
// if it throws certain specific errors, a new pair is generated
await readCert('path/to/cert.pem', 'path/to/key.pem', {
  autoCert: true,

  async use({ cert, key }) {
    const server = https.createServer({ cert, key })

    await new Promise((resolve, reject) => {
      server.once('error', reject).listen(443, resolve)
    })
  },
})
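
The checks below are an added example, not code from @xen-orchestra/self-signed: they show how a deployment could audit the pair that `readCert()` returns (key matches the certificate, validity window, key file permissions). The names `auditPair`, `keyFileTooOpen` and `makeSamplePair` are hypothetical, the `openssl` command line is an assumption rather than the one the package runs, and the page does not say which conditions `readCert()` itself treats as invalid.

```javascript
// Added example: not code from @xen-orchestra/self-signed.
const { X509Certificate, createPrivateKey } = require('node:crypto')
const { execFileSync } = require('node:child_process')
const fs = require('node:fs')
const os = require('node:os')
const path = require('node:path')

// Returns the problems found in a PEM cert/key pair; an empty array means usable.
// Assumption: these checks are illustrative, the page does not list readCert()'s own.
function auditPair(certPem, keyPem, { now = new Date(), minDaysLeft = 30 } = {}) {
  let cert, key
  try {
    cert = new X509Certificate(certPem)
    key = createPrivateKey(keyPem)
  } catch {
    return ['unparsable']
  }
  const problems = []
  if (!cert.checkPrivateKey(key)) problems.push('key does not match certificate')
  if (now < new Date(cert.validFrom)) problems.push('not yet valid')
  const daysLeft = (new Date(cert.validTo) - now) / 864e5 // milliseconds per day
  if (daysLeft < 0) problems.push('expired')
  else if (daysLeft < minDaysLeft) problems.push(`expires in ${Math.floor(daysLeft)} days`)
  return problems
}

// True when group or others hold any permission bit on the key file (POSIX only).
function keyFileTooOpen(file) {
  return (fs.statSync(file).mode & 0o077) !== 0
}

// Constructed sample input: a throwaway self-signed pair made with the openssl CLI
// (assumed to be on PATH); the key file gets the 0o400 mode used in the README.
function makeSamplePair(days) {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'pair-'))
  const certPath = path.join(dir, 'cert.pem')
  const keyPath = path.join(dir, 'key.pem')
  execFileSync('openssl', ['req', '-x509', '-newkey', 'rsa:2048', '-nodes',
    '-days', String(days), '-subj', '/CN=localhost',
    '-keyout', keyPath, '-out', certPath], { stdio: 'ignore' })
  fs.chmodSync(keyPath, 0o400)
  return { cert: fs.readFileSync(certPath, 'utf8'), key: fs.readFileSync(keyPath, 'utf8'), keyPath }
}
```

Running `auditPair` from a scheduled job gives early warning of an expiring certificate, which a check performed only at server start would miss.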

Contributions

Contributions are very welcome, either on the documentation or on the code.

You may:

  • report any issue you've encountered;
  • fork and create a pull request.

License

ISC © Vates SAS