diff --git a/doc/FAQ.md b/doc/FAQ.md index 694a07229..5d1407d14 100644 --- a/doc/FAQ.md +++ b/doc/FAQ.md @@ -145,7 +145,7 @@ pass in an existing certificate by providing the path to `--cert` and the path t the key with `--cert-key`. The self signed certificate will be generated into -`~/.local/share/code-server/self-signed.cert`. +`~/.local/share/code-server/self-signed.crt`. If `code-server` has been passed a certificate it will also respond to HTTPS requests and will redirect all HTTP requests to HTTPS. diff --git a/src/node/util.ts b/src/node/util.ts index ee1e85be9..20880913b 100644 --- a/src/node/util.ts +++ b/src/node/util.ts @@ -55,7 +55,7 @@ export function humanPath(p?: string): string { } export const generateCertificate = async (): Promise<{ cert: string; certKey: string }> => { - const certPath = path.join(paths.data, "self-signed.cert") + const certPath = path.join(paths.data, "self-signed.crt") const certKeyPath = path.join(paths.data, "self-signed.key") const checks = await Promise.all([fs.pathExists(certPath), fs.pathExists(certKeyPath)]) @@ -64,9 +64,25 @@ export const generateCertificate = async (): Promise<{ cert: string; certKey: st // generate certificates. const pem = require("pem") as typeof import("pem") const certs = await new Promise((resolve, reject): void => { - pem.createCertificate({ selfSigned: true }, (error, result) => { - return error ? reject(error) : resolve(result) - }) + pem.createCertificate( + { + selfSigned: true, + config: ` +[req] +req_extensions = v3_req + +[ v3_req ] +extendedKeyUsage = serverAuth +subjectAltName = @alt_names + +[alt_names] +DNS.1 = localhost +`, + }, + (error, result) => { + return error ? reject(error) : resolve(result) + }, + ) }) await fs.mkdirp(paths.data) await Promise.all([fs.writeFile(certPath, certs.certificate), fs.writeFile(certKeyPath, certs.serviceKey)])