IMPORTANT: Automate the certificate installation on MacOS
On MacOs, a certificate is automatically generated and installed.
1 parent
a756936
commit b22b3e0
Showing
11 changed files
with
153 additions
and
17 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,15 @@ | ||
# MacOS | ||
.DS_STORE | ||
|
||
# IDEs | ||
.idea | ||
*.iml | ||
.DS_STORE | ||
|
||
# Node | ||
node_modules | ||
|
||
# Other | ||
coverage | ||
cert/CA.* | ||
cert/localhost.* | ||
cert/server.csr |
File renamed without changes.
File renamed without changes.
File renamed without changes.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
const exec = require("child_process").exec | ||
|
||
// noinspection FallThroughInSwitchStatementJS | ||
switch (process.platform) { | ||
case "darwin": // MacOS | ||
console.log("\n----------------------------------------------\n" + | ||
"Please input your sudo password when required.\n" + | ||
"----------------------------------------------\n") | ||
exec("bash cert/generate.sh", (error, stdout, stderr) => { | ||
console.log(stdout) | ||
console.error(stderr) | ||
if (error !== null) console.error(`exec error: ${error}`) | ||
}) | ||
break | ||
case "linux": | ||
console.warn("Cannot generate the localhost certificate on linux yet. " + | ||
"Coming soon.") | ||
process.exit(0) | ||
case "win32": | ||
console.warn("Cannot generate the localhost certificate on Windows.") | ||
process.exit(0) | ||
case "freebsd": | ||
console.warn("Cannot generate the localhost certificate on freebsd. " + | ||
"Help wanted.") | ||
process.exit(0) | ||
case "sunos": | ||
console.warn("Cannot generate the localhost certificate on sunos. " + | ||
"Help wanted.") | ||
process.exit(0) | ||
default: | ||
console.warn("Cannot generate the localhost certificate on your " + | ||
"platform. Contact the developer.") | ||
process.exit(0) | ||
} |
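Review bot: The banner printed in the `"darwin"` branch asks for the sudo password without saying what it is for, although `cert/generate.sh` goes on to add a new root CA to the System keychain; the text should say so, e.g. `"A local root CA will be added to the System keychain (sudo required).\n"`. The `exec` callback also only logs a failure, so the process still exits with status 0 when the script fails; setting `process.exitCode = 1` inside the `error !== null` branch would let any caller notice. The relative path in `exec("bash cert/generate.sh", ...)` ties the command to the current working directory, which deserves a comment or resolving the path against `__dirname`.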
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
#!/usr/bin/env bash | ||
|
||
# capture errors and notify the user | ||
set -e | ||
trap 'if [[ $? -ne 0 ]]; then echo "ERROR: something went wrong."; fi' EXIT | ||
|
||
# check the os | ||
case "$(uname -s)" in | ||
Darwin*) machine=MacOS;; | ||
Linux*) machine=Linux | ||
echo "Linux support coming soon" | ||
exit 1;; | ||
CYGWIN*) machine=Linux | ||
echo "WARNING: Support for Cygwin not guaranteed. Trying with the Linux script (coming soon)." | ||
exit 1;; | ||
MINGW*) machine=Linux | ||
echo "WARNING: Support for MinGw not guaranteed. Trying with the Linux script (coming soon)." | ||
exit 1;; | ||
*) echo "Unknown operating system."; exit 1;; | ||
esac | ||
|
||
# generate the CA | ||
echo "Creating a certification authority to sign the certificate..." | ||
openssl req -x509 -newkey rsa:4096 -keyout cert/CA.key -out cert/CA.pem -days 1024 -nodes -subj "/C=US/ST=None/L=None/O=None/OU=None/CN=localhost" | ||
echo "Generated CA.key and CA.pem." | ||
|
||
# install the CA | ||
case ${machine} in | ||
MacOS*) | ||
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain cert/CA.pem | ||
;; | ||
Linux*) | ||
echo "WARNING: Only Ubuntu is supported. No guarantee for other Linux distributions." | ||
sudo mkdir /usr/local/share/ca-certificates/localhost | ||
cp cert/CA.key /usr/local/share/ca-certificates/localhost/CA.key | ||
cp cert/CA.pem /usr/local/share/ca-certificates/localhost/CA.pem | ||
sudo chmod 775 /usr/local/share/ca-certificates/localhost | ||
sudo update-ca-certificates | ||
;; | ||
*) exit 1;; | ||
esac | ||
|
||
# crate the certificate | ||
echo "Creating a certificate for localhost and signing with out CA..." | ||
openssl req -new -sha256 -nodes -out cert/server.csr -newkey rsa:2048 -keyout cert/localhost.key -config cert/server.conf | ||
openssl x509 -req -in cert/server.csr -CAkey cert/CA.key -CA cert/CA.pem -CAcreateserial -out cert/localhost.crt -days 1024 -sha256 -extfile cert/x509.ext | ||
echo "Generated localhost.key and localhost.crt." |
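Review bot: `cert/CA.key` is written unencrypted (`-nodes`) and stays on disk after `security add-trusted-cert` has made the matching CA a system-wide trusted root, so anyone who can read that file can issue certificates this machine will accept for any hostname. The key is only needed for the `openssl x509 -req` signing step, so I would add `umask 077` near the top and `rm -f cert/CA.key` right after the signing line, regenerating the CA whenever a new leaf is needed. The `Linux*)` install branch (unreachable for now, because the first `case` exits on Linux) copies `CA.key` into `/usr/local/share/ca-certificates`, which should only ever receive the certificate, never the private key. The `-days 1024` on the leaf certificate also exceeds the 825-day validity limit that recent macOS releases enforce for TLS server certificates.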
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
[req] | ||
default_bits=2048 | ||
prompt=no | ||
default_md=sha256 | ||
distinguished_name=dn | ||
|
||
[dn] | ||
C=US | ||
ST=None | ||
L=None | ||
O=None | ||
OU=None | ||
emailAddress=mail@example.com | ||
CN=localhost |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
authorityKeyIdentifier=keyid,issuer | ||
basicConstraints=CA:FALSE | ||
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment | ||
subjectAltName = @alt_names | ||
|
||
[alt_names] | ||
DNS.1 = localhost |
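Review bot: The extensions omit `extendedKeyUsage`, which recent macOS releases require to contain serverAuth on TLS server certificates, and `keyUsage` grants `nonRepudiation` and `dataEncipherment`, which a TLS server certificate does not need. I would add `extendedKeyUsage = serverAuth` and reduce the usage line to `keyUsage = digitalSignature, keyEncipherment`. `[alt_names]` lists only `DNS.1 = localhost`, so clients that connect to the loopback address instead of the name will fail name validation unless `IP.1 = 127.0.0.1` and `IP.2 = ::1` are added.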