Share your code. npm Orgs help your team discover, share, and reuse code. Create a free org »

    pempublic

    pem

    Create private keys and certificates with node.js

    Build Status npm version npm downloads pem documentation Greenkeeper badge

    JavaScript Style Guide

    Installation

    Install with npm

    npm install pem
    

    Examples

    Here are some examples for creating an SSL key/cert on the fly, and running an HTTPS server on port 443. 443 is the standard HTTPS port, but requires root permissions on most systems. To get around this, you could use a higher port number, like 4300, and use https://localhost:4300 to access your server.

    Basic https

    var https = require('https')
    var pem = require('pem')
     
    pem.createCertificate({ days: 1, selfSigned: true }, function (err, keys) {
      if (err) {
        throw err
      }
      https.createServer({ key: keys.serviceKey, cert: keys.certificate }, function (req, res) {
        res.end('o hai!')
      }).listen(443)
    })

    Express

    var https = require('https')
    var pem = require('pem')
    var express = require('express')
     
    pem.createCertificate({ days: 1, selfSigned: true }, function (err, keys) {
      if (err) {
        throw err
      }
      var app = express()
     
      app.get('/', function (req, res) {
        res.send('o hai!')
      })
     
      https.createServer({ key: keys.serviceKey, cert: keys.certificate }, app).listen(443)
    })

    API

    Please have a look into the API documentation.

    we had to clean up a bit

    Custom extensions config file

    You can specify custom OpenSSL extensions using the config or extFile options for createCertificate (or using csrConfigFile with createCSR).

    extFile and csrConfigFile should be paths to the extension files. While config will generate a temporary file from the supplied file contents.

    If you specify config then the v3_req section of your config file will be used.

    The following would be an example of a Certificate Authority extensions file:

    [req]
    req_extensions = v3_req
    distinguished_name = req_distinguished_name
    
    [req_distinguished_name]
    commonName = Common Name
    commonName_max = 64
    
    [v3_req]
    basicConstraints = critical,CA:TRUE
    

    While the following would specify subjectAltNames in the resulting certificate:

    [req]
    req_extensions = v3_req
    
    [ v3_req ]
    basicConstraints = CA:FALSE
    keyUsage = nonRepudiation, digitalSignature, keyEncipherment
    subjectAltName = @alt_names
    
    [alt_names]
    DNS.1 = host1.example.com
    DNS.2 = host2.example.com
    DNS.3 = host3.example.com
    

    Note that createCertificate and createCSR supports the altNames option which would be easier to use in most cases.

    Warning: If you specify altNames the custom extensions file will not be passed to OpenSSL.

    Setting openssl location

    In some systems the openssl executable might not be available by the default name or it is not included in $PATH. In this case you can define the location of the executable yourself as a one time action after you have loaded the pem module:

    var pem = require('pem')
    pem.config({
      pathOpenSSL: '/usr/local/bin/openssl'
    })
    // do something with the pem module

    Specialthanks to

    • Andris Reinman (@andris9) - Initiator of pem

    License

    MIT

    Keywords

    none

    install

    npm i pem

    Downloadslast 7 days

    58,100

    version

    1.12.5

    license

    MIT

    repository

    github.com

    last publish

    collaborators

    • avatar
    • avatar