From 72845a36f7eb26cad4f8e0954d0f1e73441b29cf Mon Sep 17 00:00:00 2001 From: Austin Drummond Date: Fri, 21 Jun 2024 13:14:32 -0400 Subject: [PATCH 1/3] throw exception if trust CA is canceled --- cli/Valet/Site.php | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/cli/Valet/Site.php b/cli/Valet/Site.php index 2ae67658..27dd0f26 100644 --- a/cli/Valet/Site.php +++ b/cli/Valet/Site.php @@ -640,9 +640,14 @@ public function createSigningRequest(string $url, string $keyPath, string $csrPa */ public function trustCa(string $caPemPath): void { - $this->cli->run(sprintf( - 'sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "%s"', $caPemPath + info('Trusting Laravel Valet Certificate Authority...'); + $result = $this->cli->run(sprintf( + 'sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain "%s"', + $caPemPath )); + if ($result) { + throw new DomainException('The Certificate Authority must be trusted. Please run the command again.'); + } } /** From a39a7b09371a9fb3988a6ffa7f4eadb8a655c1bf Mon Sep 17 00:00:00 2001 From: Austin Drummond Date: Fri, 21 Jun 2024 13:14:48 -0400 Subject: [PATCH 2/3] prevent the old cert from being removed if the trust ca command is canceled --- cli/Valet/Site.php | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/cli/Valet/Site.php b/cli/Valet/Site.php index 27dd0f26..18661ebe 100644 --- a/cli/Valet/Site.php +++ b/cli/Valet/Site.php @@ -475,17 +475,18 @@ public function secure(string $url, ?string $siteConf = null, int $certificateEx // Extract in order to later preserve custom PHP version config when securing $phpVersion = $this->customPhpVersion($url); - $this->unsecure($url); - + // Create the CA if it doesn't exist. + // If the user cancels the trust operation, the old certificate will be not removed. $this->files->ensureDirExists($this->caPath(), user()); + $caExpireInDate = (new \DateTime())->diff(new \DateTime("+{$caExpireInYears} years")); + $this->createCa($caExpireInDate->format('%a')); + + $this->unsecure($url); $this->files->ensureDirExists($this->certificatesPath(), user()); $this->files->ensureDirExists($this->nginxPath(), user()); - $caExpireInDate = (new \DateTime())->diff(new \DateTime("+{$caExpireInYears} years")); - - $this->createCa($caExpireInDate->format('%a')); $this->createCertificate($url, $certificateExpireInDays); $siteConf = $this->buildSecureNginxServer($url, $siteConf); From e7c0dbadd673de25d309938d7a1b5bc3aa1fa750 Mon Sep 17 00:00:00 2001 From: Austin Drummond Date: Fri, 21 Jun 2024 13:46:10 -0400 Subject: [PATCH 3/3] update phrasing --- cli/Valet/Site.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cli/Valet/Site.php b/cli/Valet/Site.php index 18661ebe..49082568 100644 --- a/cli/Valet/Site.php +++ b/cli/Valet/Site.php @@ -476,7 +476,7 @@ public function secure(string $url, ?string $siteConf = null, int $certificateEx $phpVersion = $this->customPhpVersion($url); // Create the CA if it doesn't exist. - // If the user cancels the trust operation, the old certificate will be not removed. + // If the user cancels the trust operation, the old certificate will not be removed. $this->files->ensureDirExists($this->caPath(), user()); $caExpireInDate = (new \DateTime())->diff(new \DateTime("+{$caExpireInYears} years")); $this->createCa($caExpireInDate->format('%a'));