Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cacert option in https not working #3814

Closed
1 of 2 tasks
govizlora opened this issue Sep 8, 2021 · 2 comments · Fixed by #3820
Closed
1 of 2 tasks

cacert option in https not working #3814

govizlora opened this issue Sep 8, 2021 · 2 comments · Fixed by #3820
Assignees
@snitin315

Comments

@govizlora
Copy link

  • This is a bug
  • This is a modification request

Code

// webpack.config.js
module.exports = {
  devServer: {
    https: {
      cacert: './server.pem',
      key: './server.key',
      cert: './server.crt',
    },
  },
};

Please paste the results of npx webpack-cli info here, and mention other relevant information

  System:
    OS: macOS 11.5.2
    CPU: (12) x64 Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
    Memory: 4.84 GB / 32.00 GB
  Binaries:
    Node: 14.16.0 - /private/var/folders/kd/zjk528jn2g16yv5gpw9lwqfw9qy68m/T/xfs-600e1ad3/node
    Yarn: 3.0.0-rc.11 - /private/var/folders/kd/zjk528jn2g16yv5gpw9lwqfw9qy68m/T/xfs-600e1ad3/yarn
    npm: 6.14.11 - ~/.nvm/versions/node/v14.16.0/bin/npm
  Browsers:
    Chrome: 93.0.4577.63
    Firefox: 91.0.2
    Safari: 14.1.2

Expected Behavior

cacert: './server.pem' is being used and the CA is provided.
Screen Shot 2021-09-08 at 1 49 54 PM

Actual Behavior

The CA is not provided.
Screen Shot 2021-09-08 at 1 50 51 PM

For Bugs; How can we reproduce the behavior?

Trust the CA in the local machine, then run the dev server using the config above. You would see that the browser(chrome) warns Your connection is not private.

With webpack-dev-server 3.11.0, the same config (with cacert named as ca) works.

The root cause is that in Node.JS's https.createServer's options, there is no property cacert, and the expected property is ca: https://nodejs.org/docs/latest-v16.x/api/tls.html#tls_tls_createsecurecontext_options

But the dev server is passing cacert, instead of ca, to https.createServer

webpack-dev-server/lib/Server.js

Line 519 in c11c759

if (options.https) {

The bug is introduced by #3240
@snitin315 snitin315 self-assigned this Sep 9, 2021
@snitin315
Copy link
Member

Thanks for reporting it, there are two options here -

  • Change https.cacert back to https.ca
  • Keep https.cacert , refactor logic to pass https.ca to the https module instead of https.cacert

@snitin315 snitin315 mentioned this issue Sep 9, 2021
Merged
6 tasks
@alexander-akait
Copy link
Member

@snitin315 we should accept ca too and remove cacert in the next major release

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@snitin315 snitin315

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: respect https.cacert option webpack/webpack-dev-server
3 participants
@alexander-akait @govizlora @snitin315