Merge pull request #243 from dabura667/master

Add fields to designate root CA for cheaper SSL CAs
10 years ago · 6a608ab51d
2 changed files with 12 additions and 0 deletions
--- a/bws.js
+++ b/bws.js
@ -27,6 +27,12 @@ var serverOpts = {};
 if (config.https) {
  serverOpts.key = fs.readFileSync(config.privateKeyFile || './ssl/privatekey.pem');
  serverOpts.cert = fs.readFileSync(config.certificateFile || './ssl/certificate.pem');
+  // This sets the intermediate CA certs only if they have all been designated in the config.js
+  if (config.CAinter1 && config.CAinter2 && config.CAroot) {
+    serverOpts.ca = [fs.readFileSync(config.CAinter1),
+                     fs.readFileSync(config.CAinter2),
+                     fs.readFileSync(config.CAroot)
+                    ];};
 }

 var start = function(cb) {
--- a/config.js
+++ b/config.js
@ -10,6 +10,12 @@ var config = {
  // https: true,
  // privateKeyFile: 'private.pem',
  // certificateFile: 'cert.pem',
+  ////// The following is only for certs which are not
+  ////// trusted by nodejs 'https' by default
+  ////// CAs like Verisign do not require this
+  // CAinter1: '', // ex. 'COMODORSADomainValidationSecureServerCA.crt'
+  // CAinter2: '', // ex. 'COMODORSAAddTrustCA.crt'
+  // CAroot: '', // ex. 'AddTrustExternalCARoot.crt'

  storageOpts: {
    mongoDb: {