From 028f5d4b1f3b47cf961356730ede4cb70d83cc57 Mon Sep 17 00:00:00 2001
From: Shubhan Chemburkar <schemburkar@outlook.com>
Date: Sat, 9 Jul 2022 13:58:39 +0530
Subject: [PATCH] Add support for PFX or PKCS12 encoded certificates

Add support for PFX or PKCS12 encoded certificates
---
 source/utilities/cli.ts    |  2 ++
 source/utilities/server.ts | 39 ++++++++++++++++++++++++--------------
 2 files changed, 27 insertions(+), 14 deletions(-)

diff --git a/source/utilities/cli.ts b/source/utilities/cli.ts
index f32aa8e0..19045677 100644
--- a/source/utilities/cli.ts
+++ b/source/utilities/cli.ts
@@ -83,8 +83,10 @@ const helpText = chalk`
     -S, --symlinks                      Resolve symlinks instead of showing 404 errors
     
     --ssl-cert                          Optional path to an SSL/TLS certificate to serve with HTTPS
+                                        {grey Supported formats: PEM (default) and PKCS12 (PFX)}
     
     --ssl-key                           Optional path to the SSL/TLS certificate\'s private key
+                                        {grey Applicable only for PEM certificates}
 
     --ssl-pass                          Optional path to the SSL/TLS certificate\'s passphrase
 
diff --git a/source/utilities/server.ts b/source/utilities/server.ts
index 360389c1..b44dd518 100644
--- a/source/utilities/server.ts
+++ b/source/utilities/server.ts
@@ -62,21 +62,31 @@ export const startServer = async (
   };
 
   // Create the server.
-  const useSsl = args['--ssl-cert'] && args['--ssl-key'];
-  const httpMode = useSsl ? 'https' : 'http';
+
+  const sslCert = args['--ssl-cert'];
+  const sslKey = args['--ssl-key'];
   const sslPass = args['--ssl-pass'];
-  const serverConfig =
-    httpMode === 'https' && args['--ssl-cert'] && args['--ssl-key']
-      ? {
-          key: await readFile(args['--ssl-key']),
-          cert: await readFile(args['--ssl-cert']),
-          passphrase: sslPass ? await readFile(sslPass, 'utf8') : '',
-        }
-      : {};
-  const server =
-    httpMode === 'https'
-      ? https.createServer(serverConfig, serverHandler)
-      : http.createServer(serverHandler);
+  const isPFXFormat = sslCert && /[.](?<extension>pfx|p12)$/.exec(sslCert);
+  const useSsl = sslCert && (sslKey || sslPass || isPFXFormat);
+
+  let serverConfig: http.ServerOptions | https.ServerOptions = {};
+  if (useSsl && sslCert && sslKey) {
+    // Format is PEM due to usagae of SSL Key and Optional Passphrase
+    serverConfig = {
+      key: await readFile(sslKey),
+      cert: await readFile(sslCert),
+      passphrase: sslPass ? await readFile(sslPass, 'utf8') : '',
+    };
+  } else if (useSsl && sslCert && isPFXFormat) {
+    serverConfig = {
+      pfx: await readFile(sslCert),
+      passphrase: sslPass ? await readFile(sslPass, 'utf8') : '',
+    };
+  }
+
+  const server = useSsl
+    ? https.createServer(serverConfig, serverHandler)
+    : http.createServer(serverHandler);
 
   // Once the server starts, return the address it is running on so the CLI
   // can tell the user.
@@ -101,6 +111,7 @@ export const startServer = async (
       else address = details.address;
       const ip = getNetworkAddress();
 
+      const httpMode = useSsl ? 'https' : 'http';
       local = `${httpMode}://${address}:${details.port}`;
       network = ip ? `${httpMode}://${ip}:${details.port}` : undefined;
     }