[nodejs] Can't get https to work with IP-based addresses

[Rodion]

Hello.

Basically I'm looking for a hello world of making a https server and client 
working with a self-signed certificate and IP-based address. I've posted to 
stackoverflow to no avail as well.

I'm using this code

    var tls = require('tls');
    var fs = require('fs');
    
    var cert = fs.readFileSync(__dirname + '/cert.pem');
    var key = fs.readFileSync(__dirname + '/key.pem');
    
    var netServer = new tls.Server(options = { key: key, cert: cert });
    var port = 54321;
    
    netServer.listen(port);
    
    netServer.on('secureConnection', function(socket) {
        socket.end('connected');
    });
    
    var client = tls.connect(port, 'localhost', {
        ca: [ cert ],
        rejectUnauthorized: true
    });
    
    client.on('data', function(data) {
        console.log(data.toString());
        process.exit();
    });

It works fine with the cert generated by these 
instructions<http://nodejs.org/api/tls.html#tls_tls_ssl>(without Subject 
Alternative Names) when the request is issued to 
`localhost`, however when I replace it with `127.0.0.1`, I get `Error: 
Hostname/IP doesn't match certificate's altnames`. So I've created a new 
certificate generating with `subjectAltName`. Openssl reads it as:

        Certificate:
            Data:
                Version: 3 (0x2)
                Serial Number: 11107838472034892631 (0x9a26f83d0c0ebb57)
            Signature Algorithm: sha1WithRSAEncryption
                Issuer: CN=127.0.0.1
                Validity
                    Not Before: Jun 24 09:51:56 2013 GMT
                    Not After : Jun 22 09:51:56 2023 GMT
                Subject: CN=127.0.0.1
                Subject Public Key Info:
                    Public Key Algorithm: rsaEncryption
                        Public-Key: (1024 bit)
                        Modulus: *skipped*
                        Exponent: 65537 (0x10001)
                X509v3 extensions:
                    X509v3 Key Usage: 
                        Key Encipherment, Data Encipherment
                    X509v3 Extended Key Usage: 
                        TLS Web Server Authentication
                    X509v3 Subject Alternative Name: 
                        DNS:localhost, IP Address:127.0.0.1
            Signature Algorithm: sha1WithRSAEncryption
    *skipped*

So the SANs were created properly. Now I'm getting `Error: 
UNABLE_TO_VERIFY_LEAF_SIGNATURE`, how do I make it work?

Thanks

-- 
-- 
Job Board: http://jobs.nodejs.org/
Posting guidelines: 
https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
You received this message because you are subscribed to the Google
Groups "nodejs" group.
To post to this group, send email to nodejs@googlegroups.com
To unsubscribe from this group, send email to
nodejs+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/nodejs?hl=en?hl=en

--- 
You received this message because you are subscribed to the Google Groups 
"nodejs" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to nodejs+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.