pem icon indicating copy to clipboard operation
pem copied to clipboard

Published 20 hours ago verified publisher icon Dexus

Support setting custom OpenSSL parameters

Open mkalam-alami opened this issue 4 years ago • 3 comments

While integrating this library I have been faced with limitations on the pem.verifySigningChain() tool, as I needed to customize the OpenSSL options to make them fit our use case.

It would be overkill to ask for integrating the various OpenSSL options in JSON format, so I'd suggest either:

  • a simple "customOpenSSLOptions" (string[]) param that is merged with the params array
  • a callback instead, that is plugged somewhere to customize the behavior of the spawn wrapper

In the meantime our workaround has been to directly use the internal APIs:


import * as openssl from 'pem/lib/openssl';

function validateCertChain(cert: string, callback: Callback<boolean>) {
    var params = ['verify', '** WHATEVER WE NEED **']
    if (this.certAuthority !== undefined) {
      params.push('-CAfile');
      params.push('--TMPFILE--');
    }
    params.push('--TMPFILE--');

    openssl.spawnWrapper(params, [this.certAuthority, cert], function (err, code, stdout, stderr) {
      // ....

mkalam-alami avatar Aug 03 '21 13:08 mkalam-alami

If you like to contribute, feel free to open a PR.

Dexus avatar Aug 04 '21 08:08 Dexus

Your problem has nothing to do with #303 right?

Dexus avatar Jan 20 '22 20:01 Dexus

I confirm, my problem wasn't a bug but just a need for customization.

mkalam-alami avatar Jan 20 '22 20:01 mkalam-alami