Node.JS + HTTPS + Client Cert = Problems
<p>I've been trying to get Node.JS to work with SSL and client certificates. Originally, I had tried to get it to work with restify (see my question <a href="https://stackoverflow.com/questions/12826711/node-js-restify-requiring-client-certificate">here</a>). When I couldn't get that to work, I backed up and tried to find an example that illustrated what I was trying to accomplish. I tried <a href="http://vanjakom.wordpress.com/2011/08/11/client-and-server-side-ssl-with-nodejs/" rel="nofollow noreferrer">this one</a>, and I'm receiving an odd error.</p>

<p>Code is as follows:</p>

<p>Server:</p>

<pre><code>var sys = require("sys");
var fs = require("fs");
var https = require("https");

var options = {
  key: fs.readFileSync("../certs/server.key"),
  cert: fs.readFileSync("../certs/server.crt"),
  ca: fs.readFileSync("../certs/ca.crt"),
  requestCert: true,
  rejectUnauthorized: true
};

https.createServer(options, function (req, res) {
  console.log(req);
  res.writeHead(200);
  sys.puts("request from: " + req.connection.getPeerCertificate().subject.CN);
  res.end("Hello World, " + req.connection.getPeerCertificate().subject.CN + "\n");
}).listen(8080);

sys.puts("server started");
</code></pre>

<p>Client:</p>

<pre><code>var https = require('https');
var fs = require("fs");

var options = {
  host: 'localhost',
  port: 8080,
  path: '/hello',
  method: 'GET',
  key: fs.readFileSync("../certs/user.key"),
  cert: fs.readFileSync("../certs/user.crt"),
  ca: fs.readFileSync("../certs/ca.crt"),
  passphrase: 'thepassphrase'
};

var req = https.request(options, function(res) {
  console.log("statusCode: ", res.statusCode);
  console.log("headers: ", res.headers);

  res.on('data', function(d) {
    process.stdout.write(d);
  });
});

req.end();

req.on('error', function(e) {
  console.error(e);
});
</code></pre>

<p>Running test-client.js yields this:</p>

<pre><code>{ [Error: socket hang up] code: 'ECONNRESET' }
</code></pre>

<p>Attempting the same sort of thing with curl:</p>

<pre><code>curl -k -v --key user.key --cert user.crt:thepassphrase --cacert ca.crt https://localhost:8080/hello
</code></pre>

<p>yields:</p>

<pre><code>* About to connect() to localhost port 8080 (#0)
*   Trying 127.0.0.1... connected
* successfully set certificate verify locations:
*   CAfile: ca.crt
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Request CERT (13):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS handshake, CERT verify (15):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* Unknown SSL protocol error in connection to localhost:8080
* Closing connection #0
curl: (35) Unknown SSL protocol error in connection to localhost:8080
</code></pre>

<p>If I want to go the extra step to require a client certificate, how would I go about it?</p>