vitejs · Jul 7, 2022
diff --git a/‎docs/config/server-options.md
+2 b/‎docs/config/server-options.md
+2
diff --git a/‎docs/guide/migration.md
+13 b/‎docs/guide/migration.md
+13
diff --git a/‎packages/vite/LICENSE.md
+1-339 b/‎packages/vite/LICENSE.md
+1-339
diff --git a/‎packages/vite/package.json
-1 b/‎packages/vite/package.json
-1
diff --git a/‎packages/vite/src/node/certificate.ts
-169 b/‎packages/vite/src/node/certificate.ts
-169
diff --git a/‎packages/vite/src/node/http.ts
+1-28 b/‎packages/vite/src/node/http.ts
+1-28
diff --git a/‎pnpm-lock.yaml
-7 b/‎pnpm-lock.yaml
-7
@@ -55,6 +55,8 @@ Enable TLS + HTTP/2. Note this downgrades to TLS only when the [`server.proxy` o
 
 The value can also be an [options object](https://nodejs.org/api/https.html#https_https_createserver_options_requestlistener) passed to `https.createServer()`.
 
+A valid certificate is needed. For a basic setup, you can add [@vitejs/plugin-basic-ssl](https://github.com/vitejs/vite-plugin-basic-ssl) to the project plugins, which will automatically create and cache a self-signed certificate. But we recommend creating your own certificates.
+
 ## server.open
 
 - **Type:** `boolean | string`
 
@@ -101,6 +101,19 @@ You can use `?init` which is similar to the previous behavior.
 })
 ```
 
+### Automatic https certificate generation
+
+A valid certificate is needed when using `https`. In Vite v2, if no certificate was configured, a self-signed certificate was automatically created and cached.
+Since Vite v3, we recommend manually creating your certificates. If you still want to use the automatic generation from v2, this feature can be enabled back by adding [@vitejs/plugin-basic-ssl](https://github.com/vitejs/vite-plugin-basic-ssl) to the project plugins.
+
+```js
+import basicSsl from '@vitejs/plugin-basic-ssl'
+
+export default {
+  plugins: [basicSsl()]
+}
+```
+
 ## Advanced
 
 There are some changes which only affects plugin/tool creators.
 
@@ -101,7 +101,6 @@
     "micromatch": "^4.0.5",
     "mlly": "^0.5.4",
     "mrmime": "^1.0.1",
-    "node-forge": "^1.3.1",
     "okie": "^1.0.1",
     "open": "^8.4.0",
     "periscopic": "^3.0.4",
 
@@ -1,4 +1,4 @@
-import fs, { promises as fsp } from 'node:fs'
+import fs from 'node:fs'
 import path from 'node:path'
 import type {
   Server as HttpServer,
@@ -134,9 +134,6 @@ export async function resolveHttpsConfig(
     key: readFileIfExists(key),
     pfx: readFileIfExists(pfx)
   })
-  if (!httpsOption.key || !httpsOption.cert) {
-    httpsOption.cert = httpsOption.key = await getCertificate(cacheDir)
-  }
   return httpsOption
 }
 
@@ -151,30 +148,6 @@ function readFileIfExists(value?: string | Buffer | any[]) {
   return value
 }
 
-async function getCertificate(cacheDir: string) {
-  const cachePath = path.join(cacheDir, '_cert.pem')
-
-  try {
-    const [stat, content] = await Promise.all([
-      fsp.stat(cachePath),
-      fsp.readFile(cachePath, 'utf8')
-    ])
-
-    if (Date.now() - stat.ctime.valueOf() > 30 * 24 * 60 * 60 * 1000) {
-      throw new Error('cache is outdated.')
-    }
-
-    return content
-  } catch {
-    const content = (await import('./certificate')).createCertificate()
-    fsp
-      .mkdir(cacheDir, { recursive: true })
-      .then(() => fsp.writeFile(cachePath, content))
-      .catch(() => {})
-    return content
-  }
-}
-
 export async function httpServerStart(
   httpServer: HttpServer,
   serverOptions: {