search

Shopify / slate

Slate is a toolkit for developing Shopify themes. It's designed to assist your workflow and speed up the process of developing, testing, and deploying themes.
https://shopify.github.io/slate
MIT License
1.28k stars 364 forks source link

ssl-check hitting errors on mac #1037

Open armstrongch1994 opened 5 years ago

armstrongch1994 commented 5 years ago

This repo is currently on low maintenance. See README for details

Problem

Im on a mac and my ssl certificate is either not getting created or it is not being found when the ssl script is trying to move it. I keep getting ' no such file or directory.' I tried using my own ip address in the script also and that didnt fix anything.

Succinct outline of the problem or request.

  1. Ran brew install mkcert in my terminal
  2. Copy and pasted the ssl-check bash function into my terminal
  3. Ran the function
  4. I've attached a screenshot of the error I get after running the function
  5. I also confirmed the '.localhost_ssl' folder was created after executing the function, but it is empty.

    Error in console after running script

    Screen Shot 2019-06-11 at 12 43 41 PM

nathankelly-dev commented 3 years ago

I'm having the exact same issue. I understand this was posted a couple of years ago now, but is there any chance you remember what the fix was?

gideonb commented 3 years ago

@Nathan-BrokenFaders @armstrongch1994

Here's a snippet from the docs I created for our Groupthought themes internal process which is slate-adjacent.

To create a localhost ssl cert for browsersync use this command

test ! -d ~/.localhost_ssl && mkdir ~/.localhost_ssl
openssl req -x509 -days 1095 -out ~/.localhost_ssl/localhost.crt -keyout ~/.localhost_ssl/localhost.key \
  -newkey rsa:2048 -nodes -sha256 \
  -subj '/CN=localhost' -extensions EXT -config <( \
   printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")

this will create a localhost cert folder at ~/.localhost_ssl/ with a cert and a key. You may need to manually add that cert to keychain and set trust -> ssl -> always

open ~/.localhost_ssl/localhost.crt

Click on 'Add' to add the cert to keychain Right click that localhost cert you just created and added to keychain, and use Get info to adjust the preferences. Expand the trust tab and change the Secure Socets Layer (SSL) dropdown to Always trust

I don't use this version of slate but if you might have better luck with a hardcoded key location. Slate loads the SSL keys into browsersync here: https://github.com/Shopify/slate/blob/5ecc510efed9a14fa9e3954c1adedeac91650144/packages/slate-tools/tools/dev-server/index.js#L39

I think you'll also have to set an SSL location in the config file: https://github.com/Shopify/slate/blob/5ecc510efed9a14fa9e3954c1adedeac91650144/packages/slate-tools/slate-tools.schema.js#L58

If you want to use that default config you'll need to call the key and cert server which would look like this:

test ! -d ~/.localhost_ssl && mkdir ~/.localhost_ssl
openssl req -x509 -days 1095 -out ~/.localhost_ssl/server.crt -keyout ~/.localhost_ssl/server.key \
  -newkey rsa:2048 -nodes -sha256 \
  -subj '/CN=localhost' -extensions EXT -config <( \
   printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")

Or you can just change the filename after you generate it.

Not 100% sure any of this will work since I am using a different version of browsersync and a completely different build process but this should set you down the right path.