From 3eca65816f49735b82f1a0686ea50a3fd796279b Mon Sep 17 00:00:00 2001 From: Torok Gabor Date: Thu, 16 Sep 2021 20:42:51 +0200 Subject: [PATCH] Add option to provide custom SSL certificates during development The webpack-dev-server can be configured to use custom SSL certificates. Change the default config to look for enviroment variables SSL_CRT_FILE and SSL_KEY_FILE and set them if they exist when using HTTPS. This change was inspired by create-react-app: https://create-react-app.dev/docs/using-https-in-development/#custom-ssl-certificate https://github.com/facebook/create-react-app/commit/0299c0e6e70bca24da7a59eb5adbd4a2374a309c --- config/getHttpsConfig.js | 63 +++++++++++++++++++++++++++++++ config/webpackDevServer.config.js | 4 +- 2 files changed, 65 insertions(+), 2 deletions(-) create mode 100644 config/getHttpsConfig.js diff --git a/config/getHttpsConfig.js b/config/getHttpsConfig.js new file mode 100644 index 00000000..f0e2fccf --- /dev/null +++ b/config/getHttpsConfig.js @@ -0,0 +1,63 @@ +'use strict'; + +const fs = require('fs'); +const path = require('path'); +const crypto = require('crypto'); +const paths = require('./paths'); + +// Ensure the certificate and key provided are valid and if not +// throw an easy to debug error +function validateKeyAndCerts({ cert, key, keyFile, crtFile }) { + let encrypted; + try { + // publicEncrypt will throw an error with an invalid cert + encrypted = crypto.publicEncrypt(cert, Buffer.from('test')); + } catch (err) { + throw new Error( + `The certificate "${crtFile}" is invalid.\n${err.message}` + ); + } + + try { + // privateDecrypt will throw an error with an invalid key + crypto.privateDecrypt(key, encrypted); + } catch (err) { + throw new Error( + `The certificate key "${keyFile}" is invalid.\n${ + err.message + }` + ); + } +} + +// Read file and throw an error if it doesn't exist +function readEnvFile(file, type) { + if (!fs.existsSync(file)) { + throw new Error( + `You specified ${type} in your env, but the file "${file}" can't be found.` + ); + } + return fs.readFileSync(file); +} + +// Get the https config +// Return cert files if provided in env, otherwise just true or false +function getHttpsConfig() { + const { SSL_CRT_FILE, SSL_KEY_FILE, HTTPS } = process.env; + const isHttps = HTTPS === 'true'; + + if (isHttps && SSL_CRT_FILE && SSL_KEY_FILE) { + const crtFile = path.resolve(paths.appPath, SSL_CRT_FILE); + const keyFile = path.resolve(paths.appPath, SSL_KEY_FILE); + const config = { + cert: readEnvFile(crtFile, 'SSL_CRT_FILE'), + key: readEnvFile(keyFile, 'SSL_KEY_FILE'), + }; + + validateKeyAndCerts({ ...config, keyFile, crtFile }); + return config; + } + return isHttps; +} + +module.exports = getHttpsConfig; diff --git a/config/webpackDevServer.config.js b/config/webpackDevServer.config.js index e1ce77ce..9b48e767 100644 --- a/config/webpackDevServer.config.js +++ b/config/webpackDevServer.config.js @@ -5,8 +5,8 @@ const evalSourceMapMiddleware = require('react-dev-utils/evalSourceMapMiddleware const noopServiceWorkerMiddleware = require('react-dev-utils/noopServiceWorkerMiddleware'); const config = require('./webpack.config.dev'); const paths = require('./paths'); +const getHttpsConfig = require('./getHttpsConfig'); -const protocol = process.env.HTTPS === 'true' ? 'https' : 'http'; const host = process.env.HOST || '0.0.0.0'; module.exports = function(proxy, allowedHost) { @@ -71,7 +71,7 @@ module.exports = function(proxy, allowedHost) { ignored: /node_modules/ }, // Enable HTTPS if the HTTPS environment variable is set to 'true' - https: protocol === 'https', + https: protocol === getHttpsConfig(), host: host, overlay: false, historyApiFallback: {