OfficeDev / Office-Addin-Scripts

A set of scripts and packages that are consumed in Office add-ins projects.
MIT License
159 stars 100 forks source link

Should office-addin-dev-certs work for browsers? #841

Open eekboom opened 8 months ago

eekboom commented 8 months ago

The stackoverflow tag linked on https://github.com/OfficeDev/Office-Addin-Scripts is completely empty, so please allow me to ask a question here:

Should the certificate that gets created by office-addin-dev-certs be accepted by browsers, so that I can use it for general web app development? Or is it only suitable for the specific use case of outlook loading its add-in?

I tried to use it as certificate when starting my app with parcel and when trying to open https://localhost:3000/ Firefox says SSL_ERROR_RX_RECORD_TOO_LONG while Chrome and Edge report ERR_SSL_PROTOCOL_ERROR :-( As far as I understood the certificate is issued for "localhost" and "127.0.0.1" and should not be restricted to a specific port, right?

Would be so cool to have locally created certificates automatically be accepted in the browser while developing!

eekboom commented 8 months ago

Hm, when using default port 443:

So I guess there are two requests here: Make the certificate work on other ports. Install it into firefox, too (optionally?)

akrantz commented 8 months ago

Not sure what is required for Firefox to trust the CA cert, but Chrome and Edge will trust it since it is in the Windows trusted root certificate store. SSL uses port 443 by default, but I don't think there is anything specific about the port. The cert is used to validate the IP address and domain name. The --domains option allows changing the domain names and IP addresses to be specified in the cert.