发表新帖
发表新帖

How can I provide a SSL certificate with create-react-app?

后端 未结
关注
6 1373
南方客
南方客 2020-12-04 16:32


I am trying to host a react app I created and tested locally using the facebook boilerplate.
The client app interacts with an API I made using node.js, and with

相关标签:
6条回答
  • 梦谈多话
    2020-12-04 17:11

    I was able to get a local certificate working without modifying the webpack-dev-server files using react-scripts 3.4.1 (technically added in 3.4.0 but I had some—probably unrelated—issues). I added these two environment variables to my .env.development:

    SSL_CRT_FILE=.cert/server.crt
SSL_KEY_FILE=.cert/server.key

    Notes:

    • .cert is a folder I created in the root of my project
    • My script that generates the SSL certificate
    • Official documentation on these two environment variables
    0 讨论(0)
  • 夕颜
    2020-12-04 17:11

    This is what I did:

    bash <(wget -qO- https://gist.github.com/w35l3y/5bb7fe8508d576472136f35428019177/raw/local-cert-generator.sh)

    Then I double clicked and imported: rootCA.pem and server.pem

    Then I modified package.json:

    "start": "HTTPS=true react-scripts start",
"prestart": "cp -f /path/to/server.pem ./node_modules/webpack-dev-server/ssl",

    Very important sources:

    • https://serverfault.com/questions/226386/wget-a-script-and-run-it
    • https://gist.github.com/w35l3y/5bb7fe8508d576472136f35428019177
    0 讨论(0)
  • 甜味超标
    2020-12-04 17:14

    Here is the webpack config of react-scripts when using HTTPS=true along side SSL_CRT_FILE & SSL_CRT_FILE. So you should just be able to add it to the env to set the paths to your cert.

    0 讨论(0)
  • 耶瑟儿~
    2020-12-04 17:18

    To expand on Elad's answer:

      1. Create a self-signed certificate following the instructions linked to from https://github.com/webpack/webpack-dev-server/tree/master/examples/cli/https
      1. Save the pem file (containing both the certificate and private key) somewhere in your project (e.g. /cert/server.pem)
      1. Modify your package.json scripts: 
        "start": "HTTPS=true react-scripts start",
"prestart": "rm ./node_modules/webpack-dev-server/ssl/server.pem && cp -f ./cert/server.pem ./node_modules/webpack-dev-server/ssl",
    0 讨论(0)
  • 轻奢々
    2020-12-04 17:19

    Your server that serves files from that port needs to be configured to use your SSL cert. I'm guessing you are using webpack-dev-server on that port (that's what npm start does in create-react-app), and maybe a different server (apache, nginx, etc) on port 80?

    You can either serve your compiled files using your already configured server, or configure webpack-dev-server to use your SSL cert.

    To do this, you can use webpack-dev-server's --cert option. See https://webpack.github.io/docs/webpack-dev-server.html

    NOTE: you need an extra -- to pass arguments through npm run to the underlying command, e.g. npm start -- --cert ....

    If you want to do this using npm start, which calls a custom start script, you'll have to edit that start script. You may need to use the eject command first, which dumps all the config code into your repo so you can change it.

    Here is the source code of the start script: https://github.com/facebookincubator/create-react-app/blob/master/packages/react-scripts/scripts/start.js#L230

    I should also note that webpack-dev-server isn't intended to be used in a production environment.

    Have fun!

    0 讨论(0)
  • 青春惊慌失措
    2020-12-04 17:27

    Update: see Andi's answer below. In recent version you should set environment variable to configure the certificate

    SSL_CRT_FILE=.cert/server.crt
SSL_KEY_FILE=.cert/server.key

    Ejecting create-react-app is not recommended since you won't be able to seamlessly upgrade it. Moreover, you can easily have valid SSL certificate without ejecting.
    You will need to copy your certificate to node_modules/webpack-dev-server/ssl/server.pem. The downside is that you need to manually copy the file. However, one way to make this seamless is to add a postinstall script that creates a symlink. Here is a script I created:

    #!/bin/bash
# With create-react-app, a self signed (therefore invalid) certificate is generated.
# 1. Create some folder in the root of your project
# 2. Copy your valid development certificate to this folder
# 3. Copy this file to the same folder
# 4. In you package.json, under `scripts`, add `postinstall` script that runs this file.
# Every time a user runs npm install this script will make sure to copy the certificate to the 
# correct location

TARGET_LOCATION="./node_modules/webpack-dev-server/ssl/server.pem"
SOURCE_LOCATION=$(pwd)/$(dirname "./local-certificate/server.pem")/server.pem

echo Linking ${TARGET_LOCATION} TO ${SOURCE_LOCATION}
rm -f ${TARGET_LOCATION} || true
ln -s ${SOURCE_LOCATION} ${TARGET_LOCATION}
chmod 400 ${TARGET_LOCATION} # after 30 days create-react-app tries to generate a new certificate and overwrites the existing one. 
echo "Created server.pem symlink"

    Your package.json should look something like:

    "scripts": {
    ...
    "postinstall": "sh ./scripts/link-certificate.sh"
}
    • My solution is based on this thread
    0 讨论(0)
 看不清?
提交回复
热议问题