No More Posting New Topics!

If you have a question or an issue, please start a thread in our Github Discussions Forum.
This forum is closed for new threads/ topics.

Navigation

    Quasar Framework

    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search

    [solved] How do you setup https for both dev and prod with your own keys and certs?

    Help
    2
    7
    3042
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rconstantine last edited by rconstantine

      I found this, but it seems dated: https://forum.quasar-framework.org/topic/394/quasar-dev-command-to-use-https

      I’m looking to add references to a key and a cert in dev mode. I tried adding to quasar.conf.js, but got an error (“Unexpected token import”) when trying to import fs with the intention of using the following in the devServer section:

      https: {
      key: fs.readFileSync(’./src/tls/pharmacyinformatics.local.key.pem’),
      cert: fs.readFileSync(’./src/tls/pharmacyinformatics.local.crt.pem’)
      },

      I got the above from the WebPack docs on DevServer, which says it is just passing things along to the http(s) module of Node JS. Why doesn’t quasar.conf.js allow the use of imports? If I can’t use fs there, where should I put these key and cert references?

      Additionally, where does one add the same for production builds?

      1 Reply Last reply Reply Quote 0
      • R
        rconstantine last edited by

        Here is the reference to the DevServer docs: https://webpack.js.org/configuration/dev-server/#devserver-https

        It says we can replace https: true with what I have above.

        1 Reply Last reply Reply Quote 0
        • R
          rconstantine last edited by rconstantine

          I figured out the production case: quasar serve --port 443 --hostname pharmacyinformatics.local --history --https -K …/…/src/tls/pharmacyinformatics.local.key.pem -C …/…/src/tls/pharmacyinformatics.local.crt.pem -o

          But I still don’t see how to do it for dev. Any tips? I’m using my own root CA certificate and simply using http: true doesn’t work in that case.

          Also, is there a better way to deploy for production on an intranet that requires https than this built-in express server? Should I be rolling my own express server, or are there issues with express? This won’t be an application with thousands of concurrent users or anything - probably just dozens at a time.

          Also, instead of all of that on the command line, is it possible to just have a config file somewhere? Can I modify the resulting server somehow? Like can I add middleware like helmet?

          1 Reply Last reply Reply Quote 0
          • rstoenescu
            rstoenescu Admin last edited by

            Dev is handled by webpack-dev-server, so you can fill quasar.conf > devServer > https with these options: https://webpack.js.org/configuration/dev-server/#devserver-https

            1 Reply Last reply Reply Quote 0
            • R
              rconstantine last edited by

              @rstoenescu That’s what I linked to above in my first comment after the main post. When I tried to import fs at the top of the quasar.conf.js file, it threw an error. See the first post in this thread for details. 🙂

              1 Reply Last reply Reply Quote 0
              • rstoenescu
                rstoenescu Admin last edited by

                quasar.conf runs in a Node environment, so don’t use “import” because there’s nothing transpiling ES6 to ES5.
                So:

                const fs = require('fs')
                
                1 Reply Last reply Reply Quote 2
                • R
                  rconstantine last edited by

                  Doh! I wasn’t aware of that distinction. Thank you, sir!

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post