[solved] How do you setup https for both dev and prod with your own keys and certs?



  • I found this, but it seems dated: https://forum.quasar-framework.org/topic/394/quasar-dev-command-to-use-https

    I’m looking to add references to a key and a cert in dev mode. I tried adding to quasar.conf.js, but got an error (“Unexpected token import”) when trying to import fs with the intention of using the following in the devServer section:

    https: {
    key: fs.readFileSync(’./src/tls/pharmacyinformatics.local.key.pem’),
    cert: fs.readFileSync(’./src/tls/pharmacyinformatics.local.crt.pem’)
    },

    I got the above from the WebPack docs on DevServer, which says it is just passing things along to the http(s) module of Node JS. Why doesn’t quasar.conf.js allow the use of imports? If I can’t use fs there, where should I put these key and cert references?

    Additionally, where does one add the same for production builds?



  • Here is the reference to the DevServer docs: https://webpack.js.org/configuration/dev-server/#devserver-https

    It says we can replace https: true with what I have above.



  • I figured out the production case: quasar serve --port 443 --hostname pharmacyinformatics.local --history --https -K …/…/src/tls/pharmacyinformatics.local.key.pem -C …/…/src/tls/pharmacyinformatics.local.crt.pem -o

    But I still don’t see how to do it for dev. Any tips? I’m using my own root CA certificate and simply using http: true doesn’t work in that case.

    Also, is there a better way to deploy for production on an intranet that requires https than this built-in express server? Should I be rolling my own express server, or are there issues with express? This won’t be an application with thousands of concurrent users or anything - probably just dozens at a time.

    Also, instead of all of that on the command line, is it possible to just have a config file somewhere? Can I modify the resulting server somehow? Like can I add middleware like helmet?


  • Admin

    Dev is handled by webpack-dev-server, so you can fill quasar.conf > devServer > https with these options: https://webpack.js.org/configuration/dev-server/#devserver-https



  • @rstoenescu That’s what I linked to above in my first comment after the main post. When I tried to import fs at the top of the quasar.conf.js file, it threw an error. See the first post in this thread for details. 🙂


  • Admin

    quasar.conf runs in a Node environment, so don’t use “import” because there’s nothing transpiling ES6 to ES5.
    So:

    const fs = require('fs')
    


  • Doh! I wasn’t aware of that distinction. Thank you, sir!