Skip to content

Consider Certs In NODE_EXTRA_CA_CERTS #166

New issue
New issue
Closed
Closed
Consider Certs In NODE_EXTRA_CA_CERTS#166
Assignees
mjroghelia
Labels
enhancementstale
@Jacksondr5

Description

@Jacksondr5
Jacksondr5
opened on Sep 27, 2019

Feature Request

Consider certificates referenced by NODE_EXTRA_CA_CERTS

Impacted Code

typed-rest-client/lib/HttpClient.ts

Lines 124 to 142 in c99dbbe

this._certConfig = requestOptions.cert;
if (this._certConfig) {
// If using cert, need fs
fs = require('fs');
// cache the cert content into memory, so we don't have to read it from disk every time
if (this._certConfig.caFile && fs.existsSync(this._certConfig.caFile)) {
this._ca = fs.readFileSync(this._certConfig.caFile, 'utf8');
}
if (this._certConfig.certFile && fs.existsSync(this._certConfig.certFile)) {
this._cert = fs.readFileSync(this._certConfig.certFile, 'utf8');
}
if (this._certConfig.keyFile && fs.existsSync(this._certConfig.keyFile)) {
this._key = fs.readFileSync(this._certConfig.keyFile, 'utf8');
}
}

A check for the env variable should probably happen around here. I'm not sure if it would be better to have the ICertConfiguration options merge with anything found in the environment variable or just overwrite the environment variable in favor of the supplied certs.

Use Case

As the node PR explains, self-signed certs are commonly used in closed environments.

My organization has recently encountered this problem with several TFS extensions. Using the environment variable solved the problem when extensions were using node HTTP clients, but there are a few extensions that use this library and do not surface a way for us to provide certs example from NuGetToolGetter

I'm happy to take a stab at it if desired.

Metadata

Metadata

Assignees

Labels

enhancementstale

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions