diff --git a/backend/src/Squidex/Program.cs b/backend/src/Squidex/Program.cs index 791e13cbb..d47479211 100644 --- a/backend/src/Squidex/Program.cs +++ b/backend/src/Squidex/Program.cs @@ -5,7 +5,9 @@ // All rights reserved. Licensed under the MIT license. // ========================================================================== +using System.Net; using Microsoft.AspNetCore.Hosting; +using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Hosting; using Squidex.Areas.IdentityServer.Config; @@ -61,6 +63,16 @@ namespace Squidex }) .ConfigureWebHostDefaults(builder => { + builder.ConfigureKestrel((context, serverOptions) => + { + if (context.HostingEnvironment.IsDevelopment() || context.Configuration.GetValue("devMode:enable")) + { + serverOptions.Listen( + IPAddress.Any, + context.Configuration.GetValue("devMode:port"), + listenOptions => listenOptions.UseHttps("../../../local_certs/squidex-dev.pfx", "password")); + } + }); builder.UseStartup(); }); } diff --git a/backend/src/Squidex/appsettings.json b/backend/src/Squidex/appsettings.json index f74ed02af..a3ad53a46 100644 --- a/backend/src/Squidex/appsettings.json +++ b/backend/src/Squidex/appsettings.json @@ -1,4 +1,9 @@ { + "devMode": { + "enable": false, + "port": 5001 + }, + "mode": { /* * Use this flag to set Squidex to readonly, e.g. when you deploy a second instance for migration. diff --git a/frontend/package.json b/frontend/package.json index 9fee2cb4f..ff44b2eba 100644 --- a/frontend/package.json +++ b/frontend/package.json @@ -5,7 +5,7 @@ "license": "MIT", "repository": "https://github.com/SebastianStehle/Squidex", "scripts": { - "start": "webpack-dev-server --config app-config/webpack.config.js --inline --port 3000 --hot", + "start": "webpack-dev-server --config app-config/webpack.config.js --inline --port 3000 --hot --https --pfx ../local_certs/squidex-dev.pfx --pfx-passphrase password", "test": "karma start", "test:coverage": "karma start karma.coverage.conf.js", "test:clean": "rimraf _test-output", diff --git a/local_certs/create-cert.ps1 b/local_certs/create-cert.ps1 new file mode 100644 index 000000000..83ce8fb72 --- /dev/null +++ b/local_certs/create-cert.ps1 @@ -0,0 +1,40 @@ +# setup certificate properties including the commonName (DNSName) property for Chrome 58+ +$certificate = New-SelfSignedCertificate ` + -Subject localhost ` + -DnsName localhost ` + -KeyAlgorithm RSA ` + -KeyLength 2048 ` + -NotBefore (Get-Date) ` + -NotAfter (Get-Date).AddYears(10) ` + -CertStoreLocation "cert:CurrentUser\My" ` + -FriendlyName "Localhost Certificate for .NET Core" ` + -HashAlgorithm SHA256 ` + -KeyUsage DigitalSignature, KeyEncipherment, DataEncipherment ` + -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.1") +$certificatePath = 'Cert:\CurrentUser\My\' + ($certificate.ThumbPrint) + +# create temporary certificate path +$tmpPath = "C:\tmp" +If(!(test-path $tmpPath)) +{ +New-Item -ItemType Directory -Force -Path $tmpPath +} + +# set certificate password here +$pfxPassword = ConvertTo-SecureString -String "password" -Force -AsPlainText +$pfxFilePath = "c:\tmp\squidex-dev.pfx" +$cerFilePath = "c:\tmp\squidex-dev.cer" + +# create pfx certificate +Export-PfxCertificate -Cert $certificatePath -FilePath $pfxFilePath -Password $pfxPassword +Export-Certificate -Cert $certificatePath -FilePath $cerFilePath + +# import the pfx certificate +Import-PfxCertificate -FilePath $pfxFilePath Cert:\LocalMachine\My -Password $pfxPassword -Exportable + +# trust the certificate by importing the pfx certificate into your trusted root +Import-Certificate -FilePath $cerFilePath -CertStoreLocation Cert:\CurrentUser\Root + +# optionally delete the physical certificates (don’t delete the pfx file as you need to copy this to your app directory) +# Remove-Item $pfxFilePath +#Remove-Item $cerFilePath \ No newline at end of file diff --git a/local_certs/install-cert.ps1 b/local_certs/install-cert.ps1 new file mode 100644 index 000000000..d89f424a7 --- /dev/null +++ b/local_certs/install-cert.ps1 @@ -0,0 +1,7 @@ +$pfxPassword = ConvertTo-SecureString -String "password" -Force -AsPlainText + +# import the pfx certificate +Import-PfxCertificate -FilePath ./squidex-dev.pfx Cert:\LocalMachine\My -Password $pfxPassword -Exportable + +# trust the certificate by importing the pfx certificate into your trusted root +Import-Certificate -FilePath ./squidex-dev.cer -CertStoreLocation Cert:\CurrentUser\Root \ No newline at end of file diff --git a/local_certs/squidex-dev.cer b/local_certs/squidex-dev.cer new file mode 100644 index 000000000..7d847a4c5 Binary files /dev/null and b/local_certs/squidex-dev.cer differ diff --git a/local_certs/squidex-dev.crt b/local_certs/squidex-dev.crt new file mode 100644 index 000000000..e05568a0a --- /dev/null +++ b/local_certs/squidex-dev.crt @@ -0,0 +1,59 @@ +Bag Attributes + localKeyID: 01 00 00 00 + friendlyName: te-c73b69d4-3341-4710-874d-e22bb2c15956 + Microsoft CSP Name: Microsoft Software Key Storage Provider +Key Attributes + X509v3 Key Usage: 90 +-----BEGIN PRIVATE KEY----- +MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDh/y1tm+cbvrdH +DZHh8LMgWGmuJxfgImLu0S//GLkQ4MQGjQEBkLSjoQLsjQI2B8zNzqM07DfouBmj +nO+zu0argEPSyMxcEtQxB6aDCq+gHs+mamPs1d3JfgfP3yZjK7/wHhvF4pZaYhwI +HNYwaq2BtRc1KvFnd9qjqoE1WfmucqlBGnHxHq5MW0Qyg9b1PIFRRAXB/WXPbutl +ZkSBHOxq5bKnWeGryv8VuBeFEtQwhY14iscFxdb/tW7ieh8beW8TwQs3s6pFxou5 +TQXij5dCD52GC1QVemiAPsHh2hdOFE2DTJm01Mv32yGUsk1luF0V2hACpC2zb90c +Gj4VY5eFAgMBAAECggEBAJ6Wd6V0AqBYm7ozjoxzYO+wuzAnZLy2xJ/7kWe8TJnI +cCZ8qhkUF36/jRK7/LI3lQNTHvoTTUR0dCF5DkgcggH1NyLiH235FIf3a2SHiiid +lm+cNtTKWyF63DaFzCVJXR49spWRZJq2QB99RNyi73CWyFtZ8B8AXx/8lUEAC5La +t8Ftb/M5ieKQ9dAxyGL/U9L13ZmSO+J5Lc0ez9OwFpvNBNy353HKT0FL+qFuNV0K +g+t+x0DRudlL7uxeACPdnBlaEaT3ILWqCig6IBcILgNfGofuCC/hMLMcx8JUoQcg +atxife5w5Yyrxpsls1MLJEIhC02CKGsMwxXYPxaJjH0CgYEA9Rl0ivKaQSp/g43w +Frt84za70J68ZSrAP7pLHETEpEZnUxGX6O9glS8R5nZBZZsOr+7l6GcGK0QodyBy +CIpKppGt7JXSLnvq6FQeP4p5z6DTfKinfHhUCBffoQsDumMCQxsSLUmCpSSU5uXg +Pv69i4vcRxs3EXw/78gu8jZDpEsCgYEA7Aw7UrV0IHgbfMTjPOrgrxMO02uKwya4 +2xf9a8Qst2KUVdV32LgKr3wqVhnaFWJTOoKWWnvOvzRLvkrz0UlevqwXDiNy9Lp+ +5R41KGi6QR3ehwQvizrtEkHange/mtvMh/7BwXRF2u7xnyjWavVs1iFCt/CNg3UK +rMqbcz63MW8CgYASFvfgDXnPF3jj18UBmILmLjL8ecrD2LzptzE1++lbioqzudex +bIF/YUL79HxtKF2UJJi5Z2kwJk6qRC3GbZaG5rekf4ZMwf6beSHmZK0K4v7Y84Wx +DRx+oGxz8WEsD4SqOURFLWjEEYgf5pV/cMPCmeb/JIYS902sv+SfIdwqMwKBgQDT +LJI6CVnN3oYA1ofRLPQ7zJn77P8kXdUNNWYj7kpu+cNpEuP4P5ZXroaVpuUjMmbx +NnjalF6/UkLdCGMefjxD6uNpY69pYBs8UQ0PjLnsnZNCSS1bqykCp2W08YuqOC/A +Dts6fhIsro39bOR+pfhrjTAKLSv9Sk11joEJ1jbAAwKBgQCHSGKYa4ugobYx/0Bz +LYayNm4z0zf1V4aRlJZu6GyAoeBc1EEEXavmkCEJ7MEYoUDLp6ywuDnUybHzoa6c +I0spWppC8GGGDhrxtrBS35tfENclhdxoUVorOI/yn8iJZtc1DU3vPFXNKUEYqgew +gbGUoYGragfhbOfNGwkQ7C7jpA== +-----END PRIVATE KEY----- +Bag Attributes + localKeyID: 01 00 00 00 + 1.3.6.1.4.1.311.17.3.71: 50 00 53 00 4C 00 4C 00 32 00 38 00 38 00 38 00 34 00 2E 00 62 00 32 00 62 00 2E 00 72 00 65 00 67 00 6E 00 2E 00 6E 00 65 00 74 00 00 00 + friendlyName: Localhost Certificate for .NET Core +subject=/CN=localhost +issuer=/CN=localhost +-----BEGIN CERTIFICATE----- +MIIDDjCCAfagAwIBAgIQYuhrnnBGU7dGIwU5o+LBGDANBgkqhkiG9w0BAQsFADAU +MRIwEAYDVQQDDAlsb2NhbGhvc3QwHhcNMjAwNDE3MDc1MTA2WhcNMzAwNDE3MDc1 +MTA2WjAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQDh/y1tm+cbvrdHDZHh8LMgWGmuJxfgImLu0S//GLkQ4MQGjQEB +kLSjoQLsjQI2B8zNzqM07DfouBmjnO+zu0argEPSyMxcEtQxB6aDCq+gHs+mamPs +1d3JfgfP3yZjK7/wHhvF4pZaYhwIHNYwaq2BtRc1KvFnd9qjqoE1WfmucqlBGnHx +Hq5MW0Qyg9b1PIFRRAXB/WXPbutlZkSBHOxq5bKnWeGryv8VuBeFEtQwhY14iscF +xdb/tW7ieh8beW8TwQs3s6pFxou5TQXij5dCD52GC1QVemiAPsHh2hdOFE2DTJm0 +1Mv32yGUsk1luF0V2hACpC2zb90cGj4VY5eFAgMBAAGjXDBaMA4GA1UdDwEB/wQE +AwIEsDAUBgNVHREEDTALgglsb2NhbGhvc3QwEwYDVR0lBAwwCgYIKwYBBQUHAwEw +HQYDVR0OBBYEFBucYmpXCQ7QicOAXh2INjUg09DBMA0GCSqGSIb3DQEBCwUAA4IB +AQDeKpRYhNYA2QrfFChrwVB2uOUx5M1JbcY0yQxMsRWtkIOQU6Jh5Y+yUucU8zjh +iv953d8HNRH6O/tL3hdTgckIImkMaceIcLrXC91hDq2Pg8+jaUku3qH13i4DLUm5 +Yyw/G66hTH/pCzitwdlABrDLDEiZiqM4ZKa5oyYRR0TOQA3qQ+sTJfZ7b5oxxI+c +43eF1/zN3XcHPLbJNxXzOhw/y2gSuaZWT2BuZjvpPR0swksCnhVuKkyzg3pNshLC +nQf9lpPGdfExhgRKGACbPEIhyW6uRdquYpwz6QSEp1OFiNFToRPKtCq5vO1wr8O+ +j4gj3gZ8Dhp/sbwCp+U8OLTv +-----END CERTIFICATE----- diff --git a/local_certs/squidex-dev.pfx b/local_certs/squidex-dev.pfx new file mode 100644 index 000000000..c8c1ef295 Binary files /dev/null and b/local_certs/squidex-dev.pfx differ