std/node: support the "tls" module #1475

Closed
2 tasks done
piscisaureus opened this issue Oct 26, 2021 · 2 comments
@piscisaureus
Member

piscisaureus commented Oct 26, 2021

@bnoordhuis
Contributor

This is at least partially blocked on briansmith/webpki#219 - webpki rejects certain types of certificates that are exceedingly common when dealing with self-signed CAs.

A workaround is to add x509v3 extensions to the server certificate to force it to be a v3 certificate (note: an empty extension list won't work - also rejected), but that means our tls module is hardly a drop-in replacement.

ry assigned bartlomieju and unassigned bnoordhuis Jan 25, 2022
@piscisaureus
Member Author

I would suggest pursuing this without support for self-signed X509 version 1 certificates.

If you need to generate a self-signed certificate that works (e.g. for testing), you can use the following snippet (works on mac):

```bash
openssl req -new -x509 -nodes -days 365 -text -subj "/CN=localhost" -extensions v3_req \
    -config <(cat /etc/ssl/openssl.cnf <(printf "\n[v3_req]\nbasicConstraints=critical,CA:TRUE\nkeyUsage=nonRepudiation,digitalSignature,keyEncipherment\nsubjectAltName=DNS:localhost")) \
    -keyout server.key -out server.crt
```
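
Added example, not part of the thread and not Deno or webpki code: a pre-flight check for the two cases the comments above say are rejected (a version 1 certificate, or a v3 certificate with an empty extension list). The function names `readTlv`, `inspectCert` and `needsReissue` are hypothetical, and the sample inputs are constructed DER skeletons with placeholder fields, not real certificates.

```javascript
// Walk the DER of an X.509 certificate; report its version and extension count.
function readTlv(buf, pos) {
  if (pos + 2 > buf.length) throw new Error("truncated DER");
  let len = buf[pos + 1], start = pos + 2;
  if (len & 0x80) {                        // long form: next n bytes hold the length
    const n = len & 0x7f;
    if (n === 0 || n > 4 || start + n > buf.length) throw new Error("bad DER length");
    len = 0;
    for (let i = 0; i < n; i++) len = len * 256 + buf[start + i];
    start += n;
  }
  if (start + len > buf.length) throw new Error("truncated DER");
  return { tag: buf[pos], start, end: start + len };
}

function inspectCert(der) {
  const cert = readTlv(der, 0);            // Certificate ::= SEQUENCE
  const tbs = readTlv(der, cert.start);    // tbsCertificate ::= SEQUENCE
  if (cert.tag !== 0x30 || tbs.tag !== 0x30) throw new Error("not a certificate");
  let version = 1, extensionCount = 0;     // [0] absent means DEFAULT v1
  for (let pos = tbs.start, field; pos < tbs.end; pos = field.end) {
    field = readTlv(der, pos);
    if (field.tag === 0xa0) {              // [0] EXPLICIT INTEGER: 0=v1, 1=v2, 2=v3
      version = der[readTlv(der, field.start).end - 1] + 1;
    } else if (field.tag === 0xa3) {       // [3] EXPLICIT SEQUENCE OF Extension
      const list = readTlv(der, field.start);
      for (let p = list.start; p < list.end; p = readTlv(der, p).end) extensionCount++;
    }
  }
  return { version, extensionCount };
}

// The two failure cases named in the comments above: v1, or an empty extension list.
function needsReissue(der) {
  const { version, extensionCount } = inspectCert(der);
  return version < 3 || extensionCount === 0;
}

// Constructed DER skeletons (placeholder fields, not real certificates).
const tlv = (tag, ...parts) => { const b = parts.flat(); return [tag, b.length, ...b]; };
const fields = [tlv(0x02, [1]), tlv(0x30), tlv(0x30), tlv(0x30), tlv(0x30), tlv(0x30)];
const build = (...tbs) => Uint8Array.from(tlv(0x30, tlv(0x30, ...tbs), tlv(0x30), tlv(0x03, [0])));
const v3 = tlv(0xa0, tlv(0x02, [2]));
const san = tlv(0x30, tlv(0x06, [0x55, 0x1d, 0x11]), tlv(0x04)); // OID 2.5.29.17, empty value
const samples = {
  v1: build(...fields),
  v3Empty: build(v3, ...fields, tlv(0xa3, tlv(0x30))),
  v3WithSan: build(v3, ...fields, tlv(0xa3, tlv(0x30, san))),
};
```

To check a real certificate, convert it to DER first (`openssl x509 -in server.crt -outform DER -out server.der`) and pass the file's bytes to `inspectCert`.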
