Open
Description
What is the problem this feature would solve?
Currently, Bun's fetch implementation only supports PEM format certificates through the cert and key TLS options. However, many enterprise environments and security systems use PKCS#12 (.p12) certificate files. Users migrating from Node.js, which supports .p12 files via the pfx option in its HTTPS agent, face obstacles when trying to use these certificates in Bun. This forces developers to either convert certificates to PEM format (adding complexity and potential security risks) or maintain separate certificate formats for different environments.
What is the feature you are proposing to solve the problem?
Add support for PKCS#12 (.p12) certificate files in Bun's fetch TLS options, similar to Node.js's pfx option. This would allow users to directly pass .p12 files to the TLS configuration, such as:
await fetch(url, {
tls: {
ca: Bun.file('ca1.pem'),
pfx: Bun.file('pfx.p12'), // New proposed option
passphrase: 'password'
}
})What alternatives have you considered?
- Converting .p12 files to PEM format before use, but this adds complexity to deployment processes and certificate management.
- Using a third-party library to handle the conversion at runtime, but this introduces additional dependencies and potential performance overhead.
- Continuing to use Node.js's HTTPS agent for specific endpoints requiring .p12 certificates, but this fragments the codebase and prevents full migration to Bun.
Activity