Hello friends.
The (simplified) code of my localhost TLS server is:
*var tls = require("tls")var fs = require("fs")var options = { key:
fs.readFileSync("PrivKeyServer.pem"), cert:
fs.readFileSync("CertServer.pem") //Self-signed with CertCA.pem file, see
below}var server = tls.createServer(options)server.on("secureConnection",
function(socket){ console.log("New connection")})server.listen(4000)*
The (simplified) code of my localhost TLS client (which doesn't need to be
certified, but if it is, nothing changes: I've already tested it) is:
*var tls = require("tls")var fs = require("fs")var options = { ca: [
fs.readFileSync("CertCA.pem") ], host: "127.0.0.1", port: 4000
//With ejectAuthorized:false happens the same error}var client =
tls.connect(options)client.on("secureConnect", function() {
console.log("Connected")})*
"PrivKeyServer.pem" has been generated by this command: *openssl genrsa
-out PrivKeyServer.pem 1024*
CSR has been generated by this command: *openssl req
-new -key PrivKeyServer.pem -out csr.pem*
"CertCA.pem" has been generated by these commands (in the same machine,
too):
*openssl
genrsa -out PrivKeyCA.pem 1024*
*openssl req
-x509 -new -key PrivKeyCA.pem -out CertCA.pem*
"CertServer.pem" has been generated by this command: *openssl x509
-req -in csr.pem -CA CertCA.pem -CAkey PrivKeyCA.pem -CAcreateserial -out
CertServer.pem*
I've also tried to generate "CertServer.pem" without "CertCA.pem", like
official documentation says: *openssl x509 -req -in csr.pem -signkey
PrivKeyServer.pem -out CertServer.pem* (and changing value of property
"ca" of options object in the client, of course) with the same result
If I try to connect with *openssl s_client -connect 127.0.0.1:4000* I have
the same error: *Verify return code: 18 (self signed certificate) *, but I
can connect to server.
I've also tried to put another thing different from "localhost" as Common
Name when creating the CSR. Specifically, I've put the name shown by
*hostnamectl* command (I'm on Fedora 20), as my machine hasn't any DNS
name. But with no luck.
I'm really really *desesperated*. Help, please!!!
Thanks!!!
Note: I use last Node version 0.11.10, OpenSSL 1.0.1e-fips
--
Job board: http://jobs.nodejs.org/
New group rules:
https://gist.github.com/othiym23/9886289#file-moderation-policy-md
Old group rules:
https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
---
You received this message because you are subscribed to the Google Groups
"nodejs" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/nodejs/657faea1-a748-4316-ae46-2d7fd3e18146%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
