Add passphrase support #437
Conversation
|
What's the use case for this? It seems unwise to provide a passphrase in clear text on the command line. Happy to hear more, though. |
|
@BigBlueHat Reason is that if a cert file requires a passphrase for decryption, there is no way to provide that. I stumbled onto this issue in a project when we moved to https. Hence created PR. There was also an issue created for this. #162 |
|
Thanks @kiranghule. Guess I'm just hesitant to encourage passphrases exposed on the command line. Perhaps an environment variable (if present) could be used for this scenario? Certainly Heroku (and friends) would store those in a safer place than in a clear text command line request. 💭's? |
|
@BigBlueHat Agreed. It's better to get this from an environment variable. Will look into it. |
|
@kiranghule are you still interested in moving forward with this PR? |
Will look into this, this weekend. The last conclusion I guess was to pass the passphrase via the env variable. But I have some doubts regarding how to go about it. Any help would be appreciated. Thanks. |
|
Hey, great idea.. but does that even work? Because for me it didn't.. just as @thornjad mentioned in #456, bc union ignores the passphrase anyway.. In our use case we would start the server manually each time, so I think passing the passphrase via CLI should at least be possible. |
| @@ -59,6 +59,8 @@ This will install `http-server` globally so that it may be run from the command | |||
|
|
|||
| `-K` or `--key` Path to ssl key file (default: key.pem). | |||
|
|
|||
| `-P` or `--passphrase` Pass phrase to decrypt the key (optional). | |||
There was a problem hiding this comment.
seems to conflict with the option -P / --proxy
|
Closing in favor of the more complete and active #746 |
Added support for providing passphrase to decrypt private key
Fixes #162