You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Allow the use of a specific CA file, while still having Next.js create the key and cert.
Non-Goals
No response
Background
When using experimentalHttps, Next is checking for the existence of both the experimentalHttpsKey and experimentalHttpsCert option. If they both exist, then it creates the certificate using those file paths, plus the experimentalHttpsCa as the rootCa. If one or both doesn't exist, it creates a certificate (with createSelfSignedCertificate) which creates the key, cert, and rootCa.
At my company, we already have a root CA, and process.env.NODE_EXTRA_CA_CERTS is already set using it. We need this to get through the corporate proxy/firewall.
Proposal
Separate out the rootCa form the key and cert check and allow experimentalHttpsCa to be passed in on its own. Then use experimentalHttpsCa, even when generating the key and cert.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Goals
Non-Goals
No response
Background
When using experimentalHttps, Next is checking for the existence of both the experimentalHttpsKey and experimentalHttpsCert option. If they both exist, then it creates the
certificateusing those file paths, plus the experimentalHttpsCa as therootCa. If one or both doesn't exist, it creates a certificate (withcreateSelfSignedCertificate) which creates the key, cert, and rootCa.At my company, we already have a root CA, and process.env.NODE_EXTRA_CA_CERTS is already set using it. We need this to get through the corporate proxy/firewall.
Proposal
Separate out the rootCa form the key and cert check and allow
experimentalHttpsCato be passed in on its own. Then use experimentalHttpsCa, even when generating the key and cert.Beta Was this translation helpful? Give feedback.
All reactions