.. | ||
.npmignore | ||
.USAGE.md | ||
index.js | ||
package.json | ||
readCert.js | ||
README.md |
@xen-orchestra/self-signed
Minimalist wrapper around openssl to generate a self signed certificate
Install
Installation of the npm package:
npm install --save @xen-orchestra/self-signed
Usage
genSelfSigned()
Generate a self-signed cert/key pair with OpenSSL.
import { genSelfSigned } from '@xen-orchestra/self-signed'
console.log(
await genSelfSigned({
// Number of days this certificate will be valid.
//
// Default: 360
days: 600,
})
)
// {
// cert: '-----BEGIN CERTIFICATE-----\n' +
// // content…
// '-----END CERTIFICATE-----\n',
// key: '-----BEGIN RSA PRIVATE KEY-----\n' +
// // content…
// '-----END RSA PRIVATE KEY-----\n'
// }
readCert()
Reads a cert/key pair from the filesystem, if missing or invalid, generates a new one and write them to the filesystem.
import { readCert } from '@xen-orchestra/self-signed/readCert'
const { cert, key } = await readCert('path/to/cert.pem', 'path/to/key.pem', {
// if false, do not generate a new one in case of error
autoCert: false,
// this function is called in case a new pair is generated
info: console.log,
// mode used when creating files or directories after generating a new pair
mode: 0o400,
// this function is called when there is a non fatal error (fatal errors are thrown)
warn: console.warn,
})
// unfortunately some cert/key issues are detected only when attempting to use them
//
// that's why you can pass a `use` function to `readCert` that will received the pair
// and in case some specific errors are thrown, it will trigger a new generation
await readCert('path/to/cert.pem', 'path/to/key.pem', {
autoCert: true,
async use({ cert, key }) {
const server = https.createServer({ cert, key })
await new Promise((resolve, reject) => {
server.once('error', reject).listen(443, resolve)
})
},
})
Contributions
Contributions are very welcomed, either on the documentation or on the code.
You may:
- report any issue you've encountered;
- fork and create a pull request.