Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
const certStat = fs.statSync(certPath);
const certTtl = 1000 * 60 * 60 * 24;
const now = new Date();
// cert is more than 30 days old, kill it with fire
if((now - certStat.ctime) / certTtl > 30) {
console.log("SSL Certificate is more than 30 days old. Removing.");
del.sync([certPath], { force: true });
certExists = false;
}
}
if(!certExists) {
console.log("Generating SSL Certificate");
const attrs = [{ name: "commonName", value: "localhost" }];
const pems = selfsigned.generate(attrs, {
algorithm: "sha256",
days: 30,
keySize: 2048
});
fs.writeFileSync(certPath, pems.private + pems.cert, { encoding: "utf-8" });
}
const fakeCert = fs.readFileSync(certPath);
options.https.key = options.https.key || fakeCert;
options.https.cert = options.https.cert || fakeCert;
if(!options.https.spdy) {
options.https.spdy = {
protocols: ["h2", "http/1.1"]
};
// If certificate exists, ensure it's not older than 30 days, otherwise
// delete it
if (certExists) {
const certStat = statSync(certPath);
const certTtl = 1000 * 60 * 60 * 24;
const now = new Date();
if ((now - certStat.ctime) / certTtl > 30) {
del.sync([certPath, keyPath], { force: true });
certExists = false;
}
}
// If certificate doesn't exist, generate it
if (!certExists) {
const attrs = [{ name: "commonName", value: "localhost" }];
const pems = selfsigned.generate(attrs, {
algorithm: "sha256",
days: 30,
keySize: 2048,
extensions: [
{ name: "basicConstraints", cA: true },
{
name: "keyUsage",
keyCertSign: true,
digitalSignature: true,
nonRepudiation: true,
keyEncipherment: true,
dataEncipherment: true
},
{
name: "subjectAltName",
altNames: [
function createHTTPSConfig() {
// Generate certs for the local webpack-dev-server.
if (fs.existsSync(path.join(__dirname, "certs"))) {
const key = fs.readFileSync(path.join(__dirname, "certs", "key.pem"));
const cert = fs.readFileSync(path.join(__dirname, "certs", "cert.pem"));
return { key, cert };
} else {
const pems = selfsigned.generate(
[
{
name: "commonName",
value: "localhost"
}
],
{
days: 365,
algorithm: "sha256",
extensions: [
{
name: "subjectAltName",
altNames: [
{
type: 2,
value: "localhost"
const certStat = fs.statSync(certPath);
const certTtl = 1000 * 60 * 60 * 24;
const now = new Date();
// cert is more than 30 days old, kill it with fire
if ((now - certStat.ctime) / certTtl > 30) {
log('SSL Certificate is more than 30 days old. Removing.');
del.sync([certPath], { force: true });
certExists = false;
}
}
if (!certExists) {
log('Generating SSL Certificate');
const attrs = [{ name: 'commonName', value: 'localhost' }];
const pems = selfsigned.generate(attrs, {
algorithm: 'sha256',
days: 30,
keySize: 2048,
extensions: [{
name: 'basicConstraints',
cA: true
}, {
name: 'keyUsage',
keyCertSign: true,
digitalSignature: true,
nonRepudiation: true,
keyEncipherment: true,
dataEncipherment: true
}, {
name: 'subjectAltName',
altNames: [
fs.readFile(devPemCertPath, function (err, obj) {
//return cached certs if we have them and
if (err === null) {
rootPems = obj;
resolve({rootCAcert: rootPems.cert});
return;
}
selfsigned.generate(attrs, config, function (err, pems) {
if (err) {
reject(err);
}
rootPems = pems;
// Delete cert directory if root certs are re-created,
// since all other cert need to be recreated too
if(fs.existsSync(certPath)) {
fs.rmdirSync(certPath);
}
fs.mkdirSync(certPath);
//Cash the certs in dev mode. These are new certs so display the update instructions and exit.
jsonfile.writeFileSync(devCertPath, rootPems);
const extensions = [{
name: 'basicConstraints',
cA: true,
critical: true
}, {
name: 'subjectKeyIdentifier'
}, {
name: 'keyUsage',
digitalSignature: true,
keyCertSign: true,
critical: true
}];
const ss = selfsigned.generate(attrs, {
pkcs7: true,
days: 5000,
algorithm: 'sha256',
extensions: extensions
});
module.exports.jwks = {
keys: [{
alg: 'RS256',
kty: 'RSA',
use: 'sig',
kid: ss.fingerprint,
x5t: ss.fingerprint,
...pem2jwk(ss.public)
}]
private GenerateCertificate(aPath: string) {
console.log("Creating secure selfsigned keys...");
if (fs.existsSync("cert.pem") || fs.existsSync("private.pem")) {
console.log("Please remove cert.pem and private.pem files before generating new keys.");
return;
}
const pems = selfsigned.generate(undefined, { days: 365 });
fs.writeFileSync(path.join(aPath, "cert.pem"), pems.cert);
fs.writeFileSync(path.join(aPath, "private.pem"), pems.private);
console.log("cert.pem and private.pem generated");
return;
}
const host = conf.host || HOST;
const port = conf.port || PORT;
const hostname = conf.hostname || HOSTNAME;
if (!devServers[conf.index]) {
const compiler = webpack( config );
var https = false;
if (conf.https) {
console.log('Generating SSL Certificate');
const attrs = [
{ name: 'commonName', value: HOSTNAME },
{ name: 'subjectAltName', value: HOSTNAME }
];
const pem = selfsigned.generate(attrs, {
algorithm: 'sha256',
days: 30,
keySize: 2048
});
https = {
key: pem.private,
cert: pem.cert
};
}
const devServerConfig = {
publicPath: '/',
contentBase: path.join(__dirname, '../../dist'),
historyApiFallback: true,
noInfo: true,
hot: conf.hot || true,
const generateCert = commonName => {
const attrs = [
{ name: 'commonName', value: commonName },
{ name: 'countryName', value: 'US' },
{ name: 'stateOrProvinceName', value: 'Texas' },
{ name: 'localityName', value: 'Austin' },
{ name: 'organizationName', value: 'Nano Wallet Company LLC' },
{ name: 'organizationalUnitName', value: 'Desktop' },
{ name: 'emailAddress', value: 'desktop@nanowalletcompany.com' },
];
log.info('Generating TLS certificate:', commonName);
return selfsigned.generate(attrs, {
keySize: 2048,
algorithm: 'sha256',
extensions: [],
});
};
function createCertificate(attrs) {
return selfsigned.generate(attrs, {
algorithm: 'sha256',
days: 30,
keySize: 2048,
extensions: [
{
name: 'basicConstraints',
cA: true,
},
{
name: 'keyUsage',
keyCertSign: true,
digitalSignature: true,
nonRepudiation: true,
keyEncipherment: true,
dataEncipherment: true,
},