Open Trebh opened 2 years ago
+ cafile support please :)
Bun should support OpenSSL SSL_CERT_FILE
environment variables like NodeJS (with --use-openssl-ca
option) to allow configuring custom root ca certificates via ENV
Bun should support OpenSSL
SSL_CERT_FILE
environment variables like NodeJS (with--use-openssl-ca
option) to allow configuring custom root ca certificates via ENV
Nope, Bun PM not respecting those ENV variables when running bun install
.
I know, that's why I said it should. 😉
The lack of this option makes it impossible to start using bun in our organization, because we can't install packages from our private registry.
Are there any updates on this issue?
Can anyone try this workaround for bun install?
set env NODE_TLS_REJECT_UNAUTHORIZED=0
. It got supported after this merge request and it kind of works like a temporary workaround when using JOSE and fetching JWKS public certificate.
Might not be good enough temp workaround for prod, but it enables you to do some internal testing at least.
Waiting also for a solution to configure the cafile
from within the .bunfile.toml
config file, but in the meantime NODE_TLS_REJECT_UNAUTHORIZED=0 bun install
is working fine.
Waiting also for a solution to configure the
cafile
from within the.bunfile.toml
config file, but in the meantimeNODE_TLS_REJECT_UNAUTHORIZED=0 bun install
is working fine.
This doesn't seem to be working for our private registry.
package "@types/express" not found <private-artifactory-url>/artifactory/api/npm/@types%2fexpress 404
This alone is a deal breaker for adoption in corporate/enterprise environments.
Related to #7124
The latest version does load /etc/ssl/certs/ca-certificates.crt
on Ubuntu without any special configuration. I've been using it this way for a few months without problems.
We dont support yet the options --ca
and --cafile
but we support now NODE_EXTRA_CA_CERTS
but we support now
NODE_EXTRA_CA_CERTS
This works fine with Base64 certificate but not with DER certificate.
For those who have the problem here is a solution to convert the cer
file: https://serverfault.com/a/992717
In a corporate environment this is often mandatory for connection to private NPM registries.
.npmrc config reference: https://docs.npmjs.com/cli/v8/using-npm/config#ca
When acting as a NPM replacement, it should be possible to configure Bun with this option