import { createCA, createCert } from 'mkcert';
import { allDomains } from './siteDetails';
import fs from 'node:fs/promises';
// Hostnames the leaf certificate is issued for, as exported by ./siteDetails.
const domains = allDomains;

// Every artefact lives in one folder, resolved relative to the working directory.
const caFolder = './ca/';
const inCaFolder = (name: string) => `${caFolder}${name}`;

// CA certificate (public) and CA private key.
const caFile = inCaFolder('ca.crt');
const caKey = inCaFolder('ca.key');

// Leaf certificate bundle (public) and leaf private key.
const certFile = inCaFolder('cert.crt');
const certKey = inCaFolder('cert.key');

// Write options. Neither object sets `mode`, so a newly created file gets
// Node's default of 0o666 filtered by the process umask. That is fine for the
// certificates, but it is usually too permissive for private keys.
const overwriteFileOptions = { flag: 'w' }; // create or truncate
const failIfExistsFileOptions = { flag: 'wx' }; // refuse to replace an existing file
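/**
 * Reports whether something exists at `path`.
 *
 * Only "no such entry" failures (ENOENT / ENOTDIR) are reported as `false`.
 * Any other stat failure (permission denied, invalid path, I/O error) is
 * rethrown, so an unreadable CA folder is not mistaken for a missing CA.
 *
 * @param path - File system path to probe.
 * @returns `true` if `fs.stat` succeeds, `false` if the entry is absent.
 * @throws Any `fs.stat` error other than ENOENT / ENOTDIR.
 */
const fileExists = async (path: string): Promise<boolean> => {
  try {
    await fs.stat(path);
    return true;
  } catch (e: unknown) {
    const code =
      typeof e === 'object' && e !== null && 'code' in e
        ? (e as { code?: unknown }).code
        : undefined;
    if (code === 'ENOENT' || code === 'ENOTDIR') {
      return false;
    }
    throw e;
  }
};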
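/**
 * Loads the local development CA from `./ca/`, or creates and persists a new one.
 *
 * The CA private key is the sensitive artefact here. The script tells the user
 * to trust ca.crt, so anyone who can read ca.key can mint certificates that
 * machine will accept. The key is therefore written owner-only (0o600) instead
 * of with the default, umask-dependent permissions.
 *
 * @returns The CA certificate and private key as PEM strings.
 * @throws If ca.crt exists but ca.key cannot be read, or if either file
 *   already exists when a new CA is being written (`wx` flag).
 */
const getOrCreateCA = async () => {
  if (await fileExists(caFile)) {
    console.log('Found existing CA, loading...');
    // Only ca.crt is probed above; a missing ca.key surfaces as a readFile rejection.
    return {
      cert: await fs.readFile(caFile, { encoding: 'utf8' }),
      key: await fs.readFile(caKey, { encoding: 'utf8' }),
    };
  } else {
    console.log('Creating new CA...');
    const ca = await createCA({
      organization: 'UID2 Examples local dev CA',
      countryCode: 'AU',
      state: 'NSW',
      locality: 'Sydney',
      // 3650 days: this root stays valid (and, once trusted, trusted) for about ten years.
      validity: 3650,
    });
    await fs.mkdir(caFolder, { recursive: true });
    await fs.writeFile(caFile, ca.cert, failIfExistsFileOptions);
    // `wx` guarantees the file is newly created, so `mode` always takes effect here.
    // On platforms without POSIX permissions the mode is largely ignored.
    await fs.writeFile(caKey, ca.key, { ...failIfExistsFileOptions, mode: 0o600 });
    return ca;
  }
};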
/**
 * Issues a TLS certificate for every configured domain, signed by the local
 * development CA, and writes the certificate bundle and its key into ./ca/.
 *
 * cert.crt holds the leaf certificate followed by the CA certificate.
 * Both output files are overwritten on every run.
 */
async function createCerts(): Promise<void> {
  const authority = await getOrCreateCA();

  console.log(`Creating a certificate for ${domains.join(', ')}`);
  const leaf = await createCert({
    ca: { key: authority.key, cert: authority.cert },
    domains,
    // NOTE(review): some TLS clients cap accepted leaf lifetimes well below
    // 3650 days. Confirm the target browsers accept a certificate this long-lived.
    validity: 3650,
  });
  console.log('Certificate created.');

  await fs.writeFile(certFile, `${leaf.cert}${authority.cert}`, overwriteFileOptions);
  // NOTE(review): cert.key is a private key but is written with the default
  // (umask-dependent) mode, and overwriting an existing file keeps its old
  // permissions. Tighten this if whatever serves the certificate can still read it.
  await fs.writeFile(certKey, leaf.key, overwriteFileOptions);

  const summary = [
    'Certificate saved to ./ca/ folder.',
    '',
    'Next steps:',
    '1. Trust the CA certificate (ca.crt) in your system/browser',
    '2. Add the domains to your hosts file (see README.md)',
    '3. Run: docker-compose up',
  ];
  for (const line of summary) {
    console.log(line);
  }
}
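// Entry point. The promise is handled explicitly so that a failure (for example
// an unreadable CA key, or a refusal to overwrite an existing CA) is reported
// and gives a non-zero exit code instead of being left as a floating rejection.
createCerts().catch((err: unknown) => {
  console.error('Certificate generation failed:', err);
  process.exitCode = 1;
});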