-
-
Notifications
You must be signed in to change notification settings - Fork 6.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ERR_SSL_VERSION_OR_CIPHER_MISMATCH when both --https and server.https provided #10058
Comments
See https://vitejs.dev/config/server-options.html#server-https. @vitejs/plugin-basic-ssl is required since Vite 3 |
Yep - that is not the issue. I realise the repro I provided does not clearly get this across, but the above repros even using a valid custom certificate. Interestingly, when passing the cert file via a plugin, it does not reproduce. I'm not sure how best to show a repro for this, as it uses a certificate that would need to be added to the certificate store on the dev machine. @bluwy, |
It would be great if you can provide repro steps for the custom local certificate you mention, otherwise there isn't a way for us to debug and fix this. |
@bluwy, I've included additional repro steps, and the weird plugin behaviour I saw whilst debugging that I didn't document originally as I didn't want to dilute the focus away from the main issue. I've also included the exact steps I used to generate my certificate (I'm a .NET dev primarily), in case it matters. The exact steps I followed to generate my certificate was the following:
This is then passed into the config file: import { defineConfig } from "vite";
import react from "@vitejs/plugin-react";
//implementation copied from the ssl cert plugin
function certPlugin(keyPath, certPath): Plugin {
return {
name: "vite:cert-plugin",
async config(config) {
const https = () => ({
https: {
key: keyPath,
cert: certPath,
},
});
return {
server: https(),
};
},
};
}
const certPath = "./cert.pem";
const keyPath = "./cert.key";
// https://vitejs.dev/config/
export default defineConfig({
plugins: [
react(),
//certPlugin(keyPath, certPath)
],
server: {
https: {
key: keyPath,
cert: certPath,
},
},
}); Passing in the cert and key via server.https directly in the config results in the following. After commenting in the certPlugin: import { defineConfig } from "vite";
import react from "@vitejs/plugin-react";
//implementation copied from the ssl cert plugin
function certPlugin(keyPath, certPath): Plugin {
return {
name: "vite:cert-plugin",
async config(config) {
const https = () => ({
https: {
key: keyPath,
cert: certPath,
},
});
return {
server: https(),
};
},
};
}
const certPath = "./cert.pem";
const keyPath = "./cert.key";
// https://vitejs.dev/config/
export default defineConfig({
plugins: [
react(),
- //certPlugin(keyPath, certPath)
+ certPlugin(keyPath, certPath)
],
server: {
https: {
key: keyPath,
cert: certPath,
},
},
}); the app runs successfully and loads to the default screen. package.json (note the {
"name": "vite-project",
"private": true,
"version": "0.0.0",
"type": "module",
"scripts": {
"dev": "vite --https --open",
"build": "tsc && vite build",
"preview": "vite preview"
},
"dependencies": {
"react": "^18.2.0",
"react-dom": "^18.2.0"
},
"devDependencies": {
"@types/react": "^18.0.17",
"@types/react-dom": "^18.0.6",
"@vitejs/plugin-react": "^2.1.0",
"typescript": "^4.6.4",
"vite": "^3.1.0"
}
} if we remove package.json (removed the {
"name": "vite-project",
"private": true,
"version": "0.0.0",
"type": "module",
"scripts": {
- "dev": "vite --open --https",
+ "dev": "vite --open",
"build": "tsc && vite build",
"preview": "vite preview"
},
"dependencies": {
"react": "^18.2.0",
"react-dom": "^18.2.0"
},
"devDependencies": {
"@types/react": "^18.0.17",
"@types/react-dom": "^18.0.6",
"@vitejs/plugin-react": "^2.1.0",
"typescript": "^4.6.4",
"vite": "^3.1.0"
}
} Show code...import { defineConfig } from "vite";
import react from "@vitejs/plugin-react";
//implementation copied from the ssl cert plugin
function certPlugin(keyPath, certPath): Plugin {
return {
name: "vite:cert-plugin",
async config(config) {
const https = () => ({
https: {
key: keyPath,
cert: certPath,
},
});
return {
server: https(),
};
},
};
}
const certPath = "./cert.pem";
const keyPath = "./cert.key";
// https://vitejs.dev/config/
export default defineConfig({
plugins: [
react(),
//certPlugin(keyPath, certPath)
],
server: {
https: {
key: keyPath,
cert: certPath,
},
},
}); The app then runs successfully once again. |
I was also able to reproduce on a SvelteKit 1.0 project on Vite 4.0.4. Same story as above, passing in key information to the On a related issue, there also seems to be ambiguity in the docs about whether the key/cert parameters accept the keys as strings or the file paths. The Vite docs defer this to the Node docs, but those yet again refer to another link to a different function's documentation, which still does not rectify this question. It appears that for me, either using the string representation or the file path of the key/cert worked, but this may be a point of confusion for others. |
Just to confirm that this is also the same for me (on Vite 3.2.5) - if I don't include the 'certPlugin' I get the "ERR_SSL_VERSION_OR_CIPHER_MISMATCH" error, with the plugin it all works OK. I'm on MacOSX and used openssl to generate the certificates (which work fine in other environments such as Parcel) |
This will get you TLS certificate setup without any hacks. My certs were created and signed by a root CA that I made/control, and is already in the windows certificate store. I had no issue with Chrome with this setup. Also note the use of vite.config.ts
|
Just chiming in because I landed here after initially running into the same issue. The config given by @Strandedpirate will definitely work, but my sequence as somebody adding Vite to a project for the first time was:
It's not exactly a bug, just wasn't very intuitive at first. It would be helpful if the docs stated somewhere that using an |
Describe the bug
When using
server.https
set to true, subsequently passing the--https
CLI flag tovite
causes a ERR_SSL_VERSION_OR_CIPHER_MISMATCH when trying to load the page served by the dev server. Reloading the page does not have any effect on the issue.The reproduction steps are listed below, additionally, the reproduction stackblitz link with the project set up as stated below also errors out in an odd way.
to vite.config.ts
In package.json, under scripts, dev, pass
--https
to vite.The above reproduces with both
https: true
, and a custom SSL cert and key filehttps: { key: ..., cert: ...}
. I ran into this issue when I was resurrecting an older project that I hadn't visited for a few months - I had a specific cert and key file, but was also passing --https in my startup script. This suggests that this is a regression, and that this scenario was working at some point with vite 3.x.Reproduction
https://stackblitz.com/edit/vitejs-vite-8esgks?file=package.json,vite.config.ts&terminal=dev
System Info
Used Package Manager
yarn
Logs
No response
Validations
The text was updated successfully, but these errors were encountered: