ssl-check script hitting errors on Windows 10 #865
Comments
|
I'm having the exact same problem. Same replication steps and here's my system: |
|
Removing |
|
@tachjon Thanks for the tip! That did allow my ssl-check function to process properly, however I'm still not seeing the "./localhost.pem" and the key at "./localhost-key.pem" inside of my mkcert folder and Im still shown a red HTTPS. I still only have the root files @HauntedSmores mentioned. So even though it says it's creating the files when the function runs, it doesn't seem to actually be creating them. |
|
Check your Windows user directory, the .localhost folder containing the server key should be in there. I can confirm that manually adding your local IP fixes the script problem on Windows and the key is created in the user directory (see below). This is the Slate-tools.schema.js entry pointing to the key's location: // Path to self-signed SSL certificate which is used when developing // Path to self-signed SSL key which is used when developing Hope that helps. |
|
@pie2211 Is this a workaround for the |
|
+Here is how I do it manually cd ~/.localhost_ssl
mkcert -install
mkcert localhost 127.0.0.1 <YOUR_LOCAL_IP_HERE>
mv localhost+2-key.pem server.key
mv localhost+2.pem server.crt |
|
@HauntedSmores not a work around no, just pointing you to the location of the server.key and server.cert when it's successfully output by the SSl check script using the IP fix for Win10 suggested by @tachjon. Alternatively just do as @saintplay suggests to generate the necessary key and certificate files to any directory you like. The thing to note is wherever/however you decide to generate/move/copy the key and certificate, you may have to update the paths to both those files in the following Slate Tools file: yourthemeprojectfolder/node_modules/@shopify/slate-tools/slate-tools.schema.js Otherwise express server won't know where to find them when it's fired up by Slate - some generic localhost cert will be loaded into the browser instead, Chrome in my case, giving you the untrusted message. What I did to get it all working in Chrome on my Win 10 machine was:
|
|
This may be a stupid question, but I never had a slate-tools.schema.js file inside of my node slate-tools folder. Is there any reason why that wouldn't have been included? Everything else has worked as expected from the steps you've laid out - script runs with no errors and server files are created in .localhost_ssl folder. However when I went to check the paths in my slate-tools.scheme.js file, that file was nowhere to be found. I tried creating the file from scratch and adding that code, but I still cant get this to work. I'm wondering if maybe because the file wasnt there originally, its not being referenced in some other part of the code, so it doesn't know to look up this file? Maybe.... I'm really at a loss with the one. |
|
@markfenske84 what version of Slate are you using for your project? I was referring to v1.0 in the posts above, you can find the schema file here: Not sure where v0.x sets the path to the certificate but I’d assume the default location would be the same pace - in the root of your Window’s user directory. |
|
@pie2211, yep that looks to be the issue! Looks like i'm using 0.14 on my original project. I've created a new project for another new site I'll be building and that one is v1 and has the file. I'll see if I can't get it working now that I have a full version of the schema file. Thanks again! EDIT: I was able to get this working fine on the new install. It looks like however, the main issue for why I started to work on getting the SSL issue fixed in the first place is still present. That being browser-sync not working. Everything is compiling and uploading as expected (in both v1 and v0.14 projects), but in both, browser-sync is a no-show and I can't figure out for the life of me why. It doesn't drastically hinder my development process, but it sure would be nice to have BS actually reloading the browser. |
|
I can say @saintplay steps worked for me in creating the certificate but because of going back and forth from powershell to bash got a bit confusing, I decided to post a set of commands that will get the job done in powershell edit: Step 1If you don't have Chocolatey installed go to https://chocolatey.org/install and follow their instructions Step 2Install mkcert by running
Step 3copy and paste the code below into your powershell Step 4run |
|
To install root SSL certificate in windows 10, use Microsoft Management Console(MMC) Step 1: Click Start > Run Then... Check Your Antivirus Software Or Firewall Your antivirus software might block some strange SSL certificates or connections. Thus be sure to Enable https scanning in your antivirus software or firewall. If you can not find Enable https scanning feature in your software, you can choose to turn off the software temporarily. Then check if you can visit the website normally. |
I did these exact steps but since I don't understand too much about ssl and how certificates work I don't know if there is something I missed as this way never worked for me. Whenever I ran |
Yes yours is probably a much simpler solution but it didn't work for my colleague on windows 10 so I thought I'd provide an alternative. Plus not everyone uses powershell. |
|
@george-dotdev Yes I did hate having to use powershell, my problem with your way was that even after adding the certificate it was still not working with slate. Like I said in my post I'm not too familiar with how certificates work so I must have missed some step. In the manual powershell script I had to create the .localhost_ssl folder and put the cert and key there and that was the part that made it work. How does this work when using the MMC ? |
|
Glad to see this issue picking up steam. Just wanted to hollaback and let you know that @saintplay 's answer did the trick for me. |
|
@hcmlopes I found that you and @saintplay your solution works, but I just wanted to add that this only worked in Google Chrome for me. I'm still getting some errors regarding |
I guess that it's expected that some browsers won't work, as it's stated in the mkcert's doc that Firefox root store is supported only on macOS and Linux. |
|
Can't seem to get this working for IE. Which is my only reason for using windows 😂 |
working with me. |
I'm not sure if this was mentioned above because I haven't had the time to read through everything, but I noticed some people were having issues with the following error: mv: cannot stat './localhost+1.pem': No such file or directory The reason why it throws this error is because when you run: mkcert localhost 127.0.0.1 ::1 The file directory will read: The certificate is at "./localhost+2.pem" and the key at "./localhost+2-key.pem" Which is NOT: mv: cannot stat './localhost+1.pem': No such file or directory Luckily, there is a very simple solution. Simply remove the -1 from the count part of the function (Towards the bottom of ssl-check) and it should read like this: count=$(( ${#domains[@]})). Hope this helps. |
This works for me - just a reference in case anyone else is wondering how to get your local IP address, it can be done in git bash with: |
|
After 24 hours of trial and error I can confirm that @hcmlopes's solution works perfectly. What I was doing wrong is exactly what he mentioned - jumping back and forth between PowerShell and WSL, don't do that! If you're on Windows just open PowerShell install all libraries there, install Slate with it and run @hcmlopes's steps. |
This worked for me in MSYS2 on Windows 10 as well. Thanks! |
|
Figured I'd chime in here. If you're running into SSL issues still on Ubuntu/Linux, I opened #1083 to update the docs with a Linux-specific The new function for Linux is as follows: function ssl-check() {
f=~/.localhost_ssl;
ssl_crt=$f/server.crt
ssl_key=$f/server.key
b=$(tput bold)
c=$(tput sgr0)
# gets the first IP returned fro the hostname function
local_ip=$(hostname -I | cut -d' ' -f1)
# local_ip=999.999.999 # (uncomment for testing)
domains=(
"localhost"
"$local_ip"
)
if [[ ! -f $ssl_crt ]]; then
echo -e "\n🛑 ${b}Couldn't find a Slate SSL certificate:${c}"
make_key=true
elif [[ ! $(openssl x509 -noout -text -in $ssl_crt | grep $local_ip) ]]; then
echo -e "\n🛑 ${b}Your IP Address has changed:${c}"
make_key=true
else
echo -e "\n✅ ${b}Your IP address is still the same.${c}"
fi
if [[ $make_key == true ]]; then
echo -e "Generating a new Slate SSL certificate...\n"
count=$(( ${#domains[@]} - 1))
mkcert ${domains[@]}
# Create Slate's default certificate directory, if it doesn't exist
test ! -d $f && mkdir $f
# It appears mkcert bases its filenames off the number of domains passed after the first one.
# This script predicts that filename, so it can copy it to Slate's default location.
if [[ $count = 0 ]]; then
mv ./localhost.pem $ssl_crt
mv ./localhost-key.pem $ssl_key
else
mv ./localhost+$count.pem $ssl_crt
mv ./localhost+$count-key.pem $ssl_key
fi
fi
}This does still utilize mkcert. I highly recommend installing it via their instructions still. Feel free to test it out and let me know if you run into any issues, I'll work to update the new |
I would like to start by mentioning that I'm well aware that the Slate team is expecting there to be issues with the Slatev1 on win10, as they have started numerous times that they have not have not yet tested everything outside of macOS.
With that being said, I think its very close and this particular issue might be resolved with help from some bash nerds + Windows users.
Problem
When setting up the SSL certificate, as described here, the
ssl-checkfunction runs into some issues. Im not knowledgeable enough in the tools used in this step of the process to do anything meaningful with these errors but theyre still pretty descriptive and I think someone else likely will be.Note: This is after installing
mkcerton Windows 10 using chocolaty, then runningmkcert -installin Powershell as admin (which gave success messages), and step 2 in the docs using git-bash (linked above).I can see the certs in my file system at
C:\Users\name\AppData\Local\mkcert\rootCA.pemand
C:\Users\name\AppData\Local\mkcert\rootCA-key.pemReplication steps
Follow normal Slate installation instructions as provided by the wiki on Windows 10 using git-bash for most of the way, but installing
mkcertusing Powershell as admin.Follow part 4 of the wiki and run the
ssl-checkto produce the error.More Information
Windows 10
git-bash/powershell
node v8.9.3
npm v6.4.1
The text was updated successfully, but these errors were encountered: