Merge pull request #1024 from metsjeesus/ssl_bundle

Add SSL CA bundle option
This commit is contained in:
Jérémie Astori 2017-04-15 14:46:23 -04:00 committed by GitHub
commit 6ae6600518
2 changed files with 18 additions and 2 deletions

View File

@ -287,7 +287,16 @@ module.exports = {
// @example "sslcert/key-cert.pem" // @example "sslcert/key-cert.pem"
// @default "" // @default ""
// //
certificate: "" certificate: "",
//
// Path to the CA bundle.
//
// @type string
// @example "sslcert/bundle.pem"
// @default ""
//
ca: ""
}, },
// //

View File

@ -44,6 +44,7 @@ module.exports = function() {
} else { } else {
const keyPath = Helper.expandHome(config.https.key); const keyPath = Helper.expandHome(config.https.key);
const certPath = Helper.expandHome(config.https.certificate); const certPath = Helper.expandHome(config.https.certificate);
const caPath = Helper.expandHome(config.https.ca);
if (!keyPath.length || !fs.existsSync(keyPath)) { if (!keyPath.length || !fs.existsSync(keyPath)) {
log.error("Path to SSL key is invalid. Stopping server..."); log.error("Path to SSL key is invalid. Stopping server...");
@ -55,10 +56,16 @@ module.exports = function() {
process.exit(); process.exit();
} }
if (caPath.length && !fs.existsSync(caPath)) {
log.error("Path to SSL ca bundle is invalid. Stopping server...");
process.exit();
}
server = require("spdy"); server = require("spdy");
server = server.createServer({ server = server.createServer({
key: fs.readFileSync(keyPath), key: fs.readFileSync(keyPath),
cert: fs.readFileSync(certPath) cert: fs.readFileSync(certPath),
ca: caPath ? fs.readFileSync(caPath) : undefined
}, app); }, app);
} }