@pleaseshutup
Created October 10, 2012 15:49
node.js certificate issues with https.createServer and nodejitsu's http-proxy
// Thanks to:
// http://www.benjiegillam.com/2012/06/node-dot-js-ssl-certificate-chain/
// for the code to pass a CA bundle (multiple certs in one file) as an array,
// which fixes certificate errors on some browsers when doing https.createServer(options).
// This is how you can fix that with nodejitsu's http-proxy when using SNI
// to have a server listening and returning multiple SSL certs.

var fs = require('fs');
var crypto = require('crypto');
var httpProxy = require('http-proxy');

// Taken from benjiegillam.com: turns a bundled certificate
// (multiple certs in one file) into an array, split at each -END CERTIFICATE- line.
function getCABundle(bundle) {
    var ca = [];
    var cert = [];
    var chain = fs.readFileSync(bundle, 'utf8').split("\n");
    for (var i = 0; i < chain.length; i++) {
        var line = chain[i];
        // Skip blank lines between certificates.
        if (line.length > 0) {
            cert.push(line);
            if (line.match(/-END CERTIFICATE-/)) {
                ca.push(cert.join("\n"));
                cert = [];
            }
        }
    }
    return ca;
}

// Builds the credentials context for one site from its key, cert and CA bundle paths.
// crypto.createCredentials() is the API of the Node versions this gist targets;
// later versions replaced it with tls.createSecureContext().
function getCredentialsContext(cer) {
    return crypto.createCredentials({
        key: fs.readFileSync(cer.key),
        cert: fs.readFileSync(cer.cert),
        ca: getCABundle(cer.ca)
    }).context;
}

// One credentials context per hostname served over SNI.
var certs = {};
certs['example-a.com'] = getCredentialsContext({
    key: '/path/to/example-a.com.key',
    cert: '/path/to/example-a.com.crt',
    ca: '/path/to/example-a.com.CAbundle'
});
certs['example-b.com'] = getCredentialsContext({
    key: '/path/to/example-b.com.key',
    cert: '/path/to/example-b.com.crt',
    ca: '/path/to/example-b.com.CAbundle'
});

var optionsSSL = {
    https: {
        // Return the context matching the hostname the client sent via SNI.
        SNICallback: function (hostname) {
            return certs[hostname];
        }
    },
    hostnameOnly: true,
    router: {
        "example-a.com": "localhost:10000",
        "example-b.com": "localhost:10001"
    },
    target: {
        https: true
    }
};

// listen() takes the port first, then the host.
httpProxy.createServer(optionsSSL).listen(443, 'localhost');
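
The `certs[hostname]` lookup in `SNICallback` above is case-sensitive and, on a plain object, also resolves inherited keys such as `constructor`. The following is an added example, not part of the original gist: a hardened lookup that normalizes the name, uses a prototype-less table, and supports one-label wildcards. `makeSniLookup`, the wildcard entry and the string placeholders standing in for credential contexts are assumptions made for illustration.

```javascript
// Added example, not part of the original gist.
// `makeSniLookup` and the placeholder context values are hypothetical.

// Build a lookup function suitable for use inside an SNICallback.
// `contexts` maps hostnames (exact, or "*.example.com" wildcards) to
// whatever credentials context the server expects.
function makeSniLookup(contexts, defaultHost) {
  function normalize(name) {
    // Hostnames are case-insensitive; a trailing dot marks the same FQDN.
    return String(name || '').toLowerCase().replace(/\.$/, '');
  }

  // A prototype-less map: names such as "constructor" or "__proto__"
  // sent by a client can never resolve to an inherited property.
  var table = Object.create(null);
  Object.keys(contexts).forEach(function (name) {
    table[normalize(name)] = contexts[name];
  });

  return function lookup(hostname) {
    var host = normalize(hostname);
    if (host in table) return table[host];        // exact match
    var dot = host.indexOf('.');
    if (dot > 0) {
      var wildcard = '*' + host.slice(dot);       // covers one label only
      if (wildcard in table) return table[wildcard];
    }
    // Unknown name: fall back to the default host, or undefined if none.
    return defaultHost ? table[normalize(defaultHost)] : undefined;
  };
}

// Constructed sample data: strings stand in for real credential contexts.
var lookup = makeSniLookup({
  'example-a.com': 'ctx-a',
  '*.example-b.com': 'ctx-b-wildcard'
}, 'example-a.com');
```

In the gist's configuration this would be used as `SNICallback: function (hostname) { return lookup(hostname); }`, with the values built by `getCredentialsContext`.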