fix self signed certificate compatibility

sonnyp · sonnyp · commit db2831391c26 · 2021-10-20T09:46:39.000+02:00
Closes #17 Default keySize is 1024 and algorithm which is not enough nowadays. Default algorithm is sha1 which is deprecated. https://security.googleblog.com/2014/09/gradually-sunsetting-sha-1.html See https://github.com/jfromaniello/selfsigned/blob/c5ac42bdb5949bce47679221284331cab71a1e1e/README.md#options
diff --git a/README.md b/README.md
@@ -215,6 +215,16 @@ To override a value, simply add it to `~/.chalet/conf.json` and run `chalet stop
 
 ## FAQ
 
+#### Problem with self signed certificates
+
+You will want to delete your existing certificates and restart chalet:
+
+```sh
+chalet stop
+rm ~/.chalet/cert.pem ~/.chalet/key.pem
+chalet start
+```
+
 #### Setting a fixed port
 
 ```sh
diff --git a/src/daemon/pem.js b/src/daemon/pem.js
@@ -20,7 +20,9 @@ function generate() {
     const pems = selfsigned.generate(
       [{ name: "commonName", value: "chalet" }],
       {
-        days: 365
+        keySize: 2048,
+        days: 365,
+        algorithm: "sha256"
       }
     );
     fs.writeFileSync(KEY_FILE, pems.private, "utf-8");

Original file line number	Diff line number	Diff line change
`@@ -20,7 +20,9 @@ function generate() {`
`20`	`20`	`const pems = selfsigned.generate(`
`21`	`21`	`[{ name: "commonName", value: "chalet" }],`
`22`	`22`	`{`
`23`		`- days: 365`
	`23`	`+ keySize: 2048,`
	`24`	`+ days: 365,`
	`25`	`+ algorithm: "sha256"`
`24`	`26`	`}`
`25`	`27`	`);`
`26`	`28`	`fs.writeFileSync(KEY_FILE, pems.private, "utf-8");`