Created
May 9, 2014 06:58
-
-
Save Elemecca/4880443dfbb3408648b7 to your computer and use it in GitHub Desktop.
Hubot module which loads additional CA certificates into the Node trust store
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Description: | |
| # 000_ca_certs monkey-patches the Node crypto module to load addtional | |
| # CA certificates into the trust root so other modules can connect | |
| # to sites with certs signed by a private CA | |
| # | |
| # Dependencies: | |
| # None | |
| # | |
| # Configuration: | |
| # HUBOT_CA_CERTS | |
| # a colon-delimited list of filesystem paths to additional CA | |
| # certificates in PEM format, one certificate per file | |
| # | |
| fs = require( 'fs' ) | |
| module.exports = (robot) -> | |
| if process.env.HUBOT_CA_CERTS? | |
| robot.logger.debug "injecting custom CA certs" | |
| certs = for file in process.env.HUBOT_CA_CERTS.split ':' | |
| robot.logger.debug "reading CA cert " + file | |
| try | |
| fs.readFileSync file | |
| catch error | |
| robot.logger.error "error reading CA cert " + file + ": " + error | |
| continue | |
| if certs.length > 0 | |
| SecureContext = process.binding( 'crypto' ).SecureContext | |
| addRootCerts = SecureContext.prototype.addRootCerts | |
| SecureContext.prototype.addRootCerts = () -> | |
| addRootCerts.call this | |
| this.addCACert cert for cert in certs | |
| true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment