1 | module.exports = function secure(app) {
|
2 | if (secured[app.domain]) return secured[app.domain]
|
3 |
|
4 | try {
|
5 | child_process.execSync(`security delete-certificate -c ${app.domain}`, { silent: true })
|
6 | } catch (err) {
|
7 | }
|
8 |
|
9 | const s = createCSR({ commonName: app.domain })
|
10 | .then(sig =>
|
11 | createCertificate({
|
12 | clientKey: sig.clientKey,
|
13 | csr: sig.csr,
|
14 | days: 30,
|
15 | selfSigned: true
|
16 | })
|
17 | ).then(keys => {
|
18 | const tmp = `${process.cwd()}/.${app.domain}.crt.tmp`
|
19 | fs.writeFileSync(tmp, keys.certificate)
|
20 | child_process.execSync(`security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" ${tmp}`)
|
21 | fs.unlinkSync(tmp)
|
22 |
|
23 | APPS[app.domain] = {
|
24 | app,
|
25 | ctx: tls.createSecureContext({
|
26 | cert: keys.certificate,
|
27 | key: keys.serviceKey
|
28 | })
|
29 | }
|
30 | })
|
31 |
|
32 | secured[app.domain] = s
|
33 | return s
|
34 | }
|