cli: add NODE_USE_SYSTEM_CA=1 · nodejs/node@471fe71
1+// Env: NODE_USE_SYSTEM_CA=1
2+// Same as test-native-root-certs.mjs, just testing the environment variable instead of the flag.
3+4+import * as common from '../common/index.mjs';
5+import assert from 'node:assert/strict';
6+import https from 'node:https';
7+import fixtures from '../common/fixtures.js';
8+import { it, beforeEach, afterEach, describe } from 'node:test';
9+import { once } from 'events';
10+11+if (!common.hasCrypto) {
12+common.skip('requires crypto');
13+}
14+15+// To run this test, the system needs to be configured to trust
16+// the CA certificate first (which needs an interactive GUI approval, e.g. TouchID):
17+// see the README.md in this folder for instructions on how to do this.
18+const handleRequest = (req, res) => {
19+const path = req.url;
20+switch (path) {
21+case '/hello-world':
22+res.writeHead(200);
23+res.end('hello world\n');
24+break;
25+default:
26+assert(false, `Unexpected path: ${path}`);
27+}
28+};
29+30+describe('use-system-ca', function() {
31+32+async function setupServer(key, cert) {
33+const theServer = https.createServer({
34+key: fixtures.readKey(key),
35+cert: fixtures.readKey(cert),
36+}, handleRequest);
37+theServer.listen(0);
38+await once(theServer, 'listening');
39+40+return theServer;
41+}
42+43+let server;
44+45+beforeEach(async function() {
46+server = await setupServer('agent8-key.pem', 'agent8-cert.pem');
47+});
48+49+it('trusts a valid root certificate', async function() {
50+await fetch(`https://localhost:${server.address().port}/hello-world`);
51+});
52+53+afterEach(async function() {
54+server?.close();
55+});
56+});