问题
I have seen other similar questions but non addresses my problem. I have generated my TLS (openSSL) Self-Signed certificate, but seems not working on my NodeJS server.
Instructions to generate SSL
openssl req -newkey rsa:2048 -keyout key.pem -x509 -days 365 -out certificate.pem
openssl x509 -text -noout -in certificate.pem
openssl pkcs12 -inkey key.pem -in certificate.pem -export -out certificate.p12
openssl pkcs12 -in certificate.p12 -noout -info // verify certificate
So at the end I have .p12 also known as PFX type certificate. Below is my Node.js code:
// ------- Start HTTPS configuration ----------------
const options = {
pfs: fs.readFileSync('./server/security-certificate/certificate.p12'),
passphrase: 'secrete2'
};
https.createServer(options, app).listen(8443);
// -------- End HTTPS configuration -----------------
// Also listen for HTTP
var port = 8000;
app.listen(port, function(){
console.log('running at localhost: '+port);
});
Here is the output when I run curl command, the HTTP request is served correctly, only HTTPS has problem:
Moreover, if I do this:
export CURL_CA_BUNDLE=/var/www/html/node_app/server/security-certificate/cert.p12
Then I get following error:
curl: (77) Problem with the SSL CA cert (path? access rights?)
If I try to access in browser with HTTPS and port, browser says it could not load the page.
Reference links I followed: Node.js HTTPS:
https://nodejs.org/dist/latest-v8.x/docs/api/https.html#https_https_createserver_options_requestlistener
I'm using AWS RedHat Linux
回答1:
So far don't know the solution to the above posted problem related to my .p12 bundle certificate (used in my Node.js configuration).
However I have noticed that when I changed the code and tried to use the .pem certificate, it worked correctly with curl -k <MY-URL> command.
const options = {
cert: fs.readFileSync('./server/security-certificate/cert.pem'),
key: fs.readFileSync('./server/security-certificate/key.pem'),
//pfs: fs.readFileSync('./server/security-certificate/cert.p12'), // didn't work
passphrase: 'secrete'
};
https.createServer(options, app).listen(8443);
If any one knows better solution/answer please post that. So far, I'm not sure why .p12 certificate does not work. Should I rename it to .pfx (what is the different and effect)?
来源:https://stackoverflow.com/questions/50194109/node-js-https-configuration-error-no-common-encryption-algorithms