std/node: support the "tls" module #1475

Closed
2 tasks done
piscisaureus opened this issue Oct 26, 2021 · 2 comments
@piscisaureus
Member

piscisaureus commented Oct 26, 2021

@bnoordhuis
Contributor

This is at least partially blocked on https://github.com/briansmith/webpki/issues/219 - webpki rejects certain types of certificates that are exceedingly common when dealing with self-signed CAs.

A workaround is to add x509v3 extensions to the server certificate to force it to be a v3 certificate (note: an empty extension list won't work - also rejected), but that means our tls module is hardly a drop-in replacement.

@ry ry assigned bartlomieju and unassigned bnoordhuis Jan 25, 2022
@piscisaureus
Member Author

I would suggest pursuing this without support for self-signed X509 version 1 certificates.

If you need to generate a self-signed certificate that works (e.g. for testing) you can use the following snippet (works on Mac):

```bash
openssl req -new -x509 -nodes -days 365 -text -subj "/CN=localhost" -extensions v3_req \
    -config <(cat /etc/ssl/openssl.cnf <(printf "\n[v3_req]\nbasicConstraints=critical,CA:TRUE\nkeyUsage=nonRepudiation,digitalSignature,keyEncipherment\nsubjectAltName=DNS:localhost")) \
    -keyout server.key -out server.crt
```
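
An added example, not part of the thread and not code from Deno or webpki: a Python pre-flight check that reads a certificate's X.509 version and extension count, so v1 or extension-less test certificates can be spotted before they reach the TLS stack. The rejection rule follows the description in the comments above rather than webpki's source, and the function names and sample byte strings are constructed for illustration.

```python
import ssl
def _tlv(buf, pos):
    """Read one DER TLV at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length

def _children(buf, start, end):
    """Yield (tag, value_start, value_end) for each TLV inside a constructed value."""
    while start < end:
        tag, vs, ve = _tlv(buf, start)
        yield tag, vs, ve
        start = ve

def version_and_extensions(der):
    """Return (X.509 version, number of extensions) for a DER certificate."""
    _, cs, _ = _tlv(der, 0)        # outer Certificate SEQUENCE
    _, ts, te = _tlv(der, cs)      # tbsCertificate SEQUENCE
    version, n_ext = 1, 0          # an absent version field means v1
    for tag, vs, ve in _children(der, ts, te):
        if tag == 0xA0:            # [0] EXPLICIT version INTEGER (0 = v1, 2 = v3)
            _, a, b = _tlv(der, vs)
            version = int.from_bytes(der[a:b], "big") + 1
        elif tag == 0xA3:          # [3] EXPLICIT extensions SEQUENCE
            _, a, b = _tlv(der, vs)
            n_ext = sum(1 for _ in _children(der, a, b))
    return version, n_ext

def needs_v3_extensions(der):
    """True for what the thread says is rejected: v1, or no extensions at all."""
    version, n_ext = version_and_extensions(der)
    return version < 3 or n_ext == 0

def check_pem(pem_text):
    """Same check on PEM text; skips the dump that `openssl req -text` prepends."""
    start = pem_text.index("-----BEGIN CERTIFICATE-----")
    return needs_v3_extensions(ssl.PEM_cert_to_DER_cert(pem_text[start:]))

# Constructed skeletons (DER structure only, empty fields, not valid certificates).
_d = lambda tag, body=b"": bytes([tag, len(body)]) + body
_FIELDS = _d(0x02, b"\x01") + _d(0x30) * 5  # serial, sigAlg, issuer, validity, subject, SPKI
_V3 = _d(0xA0, _d(0x02, b"\x02")) + _FIELDS  # explicit version field set to v3
SAMPLE_V1 = _d(0x30, _d(0x30, _FIELDS))
SAMPLE_V3 = _d(0x30, _d(0x30, _V3 + _d(0xA3, _d(0x30, _d(0x30, _d(0x06, b"\x55\x1d\x13"))))))
SAMPLE_V3_EMPTY = _d(0x30, _d(0x30, _V3 + _d(0xA3, _d(0x30))))
```

For a real file, pass its contents to `check_pem`, for example the `server.crt` produced by the command above.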
