feat: cache certificate

[wmzy]

Description

If we enable https with the config below:

export default defineConfig({
  server: {
     https: true,
  },
});

Browser will throw the NET::ERR_CERT_AUTHORITY_INVALID error ervery time vite restart.

This PR cache the certificate to file system to avoid the boring error.

Additional context

I do not know if I can use the config.cacheDir directory to cache this.
It seem that it only use for build data and maybe clean by --force option.

---

What is the purpose of this pull request?

• Bug fix
• New Feature
• Documentation update
• Other

Before submitting the PR, please make sure you do the following

• Read the Contributing Guidelines.
• Read the Pull Request Guidelines and follow the Commit Convention.
• Check that there isn't already a PR that solves the problem the same way to avoid creating a duplicate.
• Provide a description in this PR that addresses what the PR is solving, or reference the issue that it solves (e.g. fixes #123).
• Ideally, include relevant tests that fail without this PR but pass with it.

[patak-dev]

Thanks for the PR. We'll discuss this feature with Evan to get approval next week.
I think it makes sense to use the cacheDir for this as you did. Do you see a problem with --force also deleting the cert cache?

[wmzy]

@patak-js --force clean the cache cert file just as no this feature. But it is not a serious problem.

I think it is a good way that give some sub directories which do not clean by --force for vite plugins and other use case.
So that plugins no need add another cacheDir config for users.

[patak-dev]

I think it is a good way that give some sub directories which do not clean by --force for vite plugins and other use case.
So that plugins no need add another cacheDir config for users.

Yes, I agree. But I don't know if there is a need to add the fine-grained options at this point. But I think we may end up with --clean-optimized-deps, --clean-https-cert, etc at one point.

[patak-dev]

We discussed this with Evan and we have his approval to merge this feature. But I just saw that there were some previous discussions about this in the past between Evan and @underfin in #276. Looks like the PR was closed after the v2 rewrite, but the feature was also considered good to have at that point. But there were some talks about storing IP addresses in the cert. @wmzy would you review that discussion? @underfin could you review this new PR?

[wmzy]

@patak-js This pr does not change the cert creation logic, but only add the cache to prevent the NET::ERR_CERT_AUTHORITY_INVALID error every time vite is restarted.

If that storing IP addresses in the cert is needed, it is better another pr.

[wmzy]

Hi @patak-js @antfu ，can you help to merge this pr?
Do I need to make any changes?