Hey Nick,
Didn't knew the settings.js file was being used for that kind of purposes.
But indeed that makes sense ...
So when I add this to the settings.js file:
// The following property can be used to renew credential files at regular time intervals (seconds)
credentialRenewalTime: 3600,
// The following property can be used to add a custom function to renew credentials.
// A keypair (i.e. both the private key and the certificate) need to be returned.
// In most cases the code from the 'https' property can be re-used here ...
functionCredentialRenewal: function() {
return {
key: fs.readFileSync('privkey.pem'),
cert: fs.readFileSync('cert.pem')
}
},
And I add this to the red.js file:
if (settings.https) {
server = https.createServer(settings.https,function(req,res) {
app(req,res);
});
// Setup automatic certificate renewal for NodeJs version 11 and above
if (settings.credentialRenewalTime && settings.functionCredentialRenewal && typeof settings.functionCredentialRenewal === "function") {
if (server.setSecureContext) {
console.log("Checking renewed credentials every " + parseInt(settings.credentialRenewalTime) + " seconds.");
setInterval(function () {
try {
//console.log("Checking for renewed credentials.");
var renewedHttps = settings.functionCredentialRenewal();
server.setSecureContext(renewedHttps);
} catch(err) {
console.log("Cannot renew the credentials: " + err);
}
}, parseInt(settings.credentialRenewalTime) * 1000);
}
else {
console.log("Cannot renew credentials automatically. NodeJs version 11 or above is required.");
}
}
} else {
server = http.createServer(function(req,res) {app(req,res);});
}
Then it also works ...
It is a pity that the existing 'https' property isn't a function. Because now you have to specify both file paths (privkey.pem and cert.pem) twice in the settings, which you might forget...
Any other things that I need to change?
Bart
