While integrating this library I have been faced with limitations on the pem.verifySigningChain() tool, as I needed to customize the OpenSSL options to make them fit our use case.
It would be overkill to ask for integrating the various OpenSSL options in JSON format, so I'd suggest either:
- a simple "customOpenSSLOptions" (string[]) param that is merged with the params array
- a callback instead, that is plugged somewhere to customize the behavior of the spawn wrapper
In the meantime our workaround has been to directly use the internal APIs:
import * as openssl from 'pem/lib/openssl';
function validateCertChain(cert: string, callback: Callback<boolean>) {
var params = ['verify', '** WHATEVER WE NEED **']
if (this.certAuthority !== undefined) {
params.push('-CAfile');
params.push('--TMPFILE--');
}
params.push('--TMPFILE--');
openssl.spawnWrapper(params, [this.certAuthority, cert], function (err, code, stdout, stderr) {
// ....
While integrating this library I have been faced with limitations on the
pem.verifySigningChain()tool, as I needed to customize the OpenSSL options to make them fit our use case.It would be overkill to ask for integrating the various OpenSSL options in JSON format, so I'd suggest either:
In the meantime our workaround has been to directly use the internal APIs: