`cacert` option in `https` not working

[govizlora]

• This is a bug
• This is a modification request

Code

// webpack.config.js
module.exports = {
  devServer: {
    https: {
      cacert: './server.pem',
      key: './server.key',
      cert: './server.crt',
    },
  },
};

Please paste the results of npx webpack-cli info here, and mention other relevant information

  System:
    OS: macOS 11.5.2
    CPU: (12) x64 Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
    Memory: 4.84 GB / 32.00 GB
  Binaries:
    Node: 14.16.0 - /private/var/folders/kd/zjk528jn2g16yv5gpw9lwqfw9qy68m/T/xfs-600e1ad3/node
    Yarn: 3.0.0-rc.11 - /private/var/folders/kd/zjk528jn2g16yv5gpw9lwqfw9qy68m/T/xfs-600e1ad3/yarn
    npm: 6.14.11 - ~/.nvm/versions/node/v14.16.0/bin/npm
  Browsers:
    Chrome: 93.0.4577.63
    Firefox: 91.0.2
    Safari: 14.1.2

Expected Behavior

cacert: './server.pem' is being used and the CA is provided.

Actual Behavior

The CA is not provided.

For Bugs; How can we reproduce the behavior?

Trust the CA in the local machine, then run the dev server using the config above. You would see that the browser(chrome) warns Your connection is not private.

With webpack-dev-server 3.11.0, the same config (with cacert named as ca) works.

The root cause is that in Node.JS's https.createServer's options, there is no property cacert, and the expected property is ca: https://nodejs.org/docs/latest-v16.x/api/tls.html#tls_tls_createsecurecontext_options

But the dev server is passing cacert, instead of ca, to https.createServer

webpack-dev-server/lib/Server.js

Line 519 in c11c759

if (options.https) {

The bug is introduced by #3240

[snitin315]

Thanks for reporting it, there are two options here -

• Change https.cacert back to https.ca
• Keep https.cacert , refactor logic to pass https.ca to the https module instead of https.cacert

[alexander-akait]

@snitin315 we should accept ca too and remove cacert in the next major release