Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add implicit support for PFX or PKCS12 encoded certificates #673

Closed
wants to merge 3 commits into from
Closed

Add implicit support for PFX or PKCS12 encoded certificates #673

wants to merge 3 commits into from

Conversation

an-dr-eas-k
Copy link

@an-dr-eas-k an-dr-eas-k commented Oct 6, 2021
edited

Similar to the PR #580 I followed this comment #580 (comment) of @dakotaJang and added the PFX support without further program arguments.

The different certificate types are recognized from their file suffices.

Also, in this version the passphrases can be supplied either from file or directly from the string. This is distinguished by the existence of a file with the given name in parameter --ssl-pass.

Here some usage examples:

# start https with PEM certificate and decrypted keyfile
serve -l 8080 --ssl-cert mycert.crt --ssl-key mycert.decrypted.key

# start https with PEM certificate and encrypted keyfile with passphrase in file
# the file mycert.passphrase.txt contains a single line with the passphrase
serve -l 8080 --ssl-cert mycert.crt --ssl-key mycert.encrypted.key --ssl-pass mycert.passphrase.txt

# start https with PEM certificate and encrypted keyfile with passphrase from command argument
serve -l 8080 --ssl-cert mycert.crt --ssl-key mycert.encrypted.key --ssl-pass mysecretpa$$phrase

# start https with PKCS12 certificate and passphrase in file
serve -l 8080 --ssl-cert mycert.pfx --ssl-pass mycert.passphrase.txt

# start https with PKCS12 certificate and passphrase from command argument
serve -l 8080 --ssl-cert mycert.pfx --ssl-pass mysecretpa$$phrase

The relevant section of the new --help info is

      --ssl-cert                          Optional path to an SSL/TLS certificate in PEM or PKCS #12 format
                                          to serve with HTTPS
      --ssl-key                           Optional path to the PEM certificate's private key

      --ssl-pass                          Optional path to the PEM or PKCS #12 certificate's passphrase
                                          or password for PEM or PKCS #12 crypto file

@joshlongerbeam joshlongerbeam mentioned this pull request Oct 28, 2021
Open
@joshlongerbeam
Copy link

Do any of the @vercel contributors or maintainers have any input on this PR?

It's a feature my team would appreciate, and the PR fixes a bug that's holding us up (#679).

@leerob
Copy link
Member

leerob commented Jul 8, 2022

We are rewriting the project in TypeScript - if you are still interested in contributing, could you open a PR against this branch? #706

Thank you! (Also posting to #580)

@leerob leerob closed this Jul 8, 2022
@leerob leerob mentioned this pull request Jul 8, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@an-dr-eas-k @joshlongerbeam @leerob @schemburkar