[OpenXPKI-users] NET::ERR_CERT_INVALID

Fri, 28 Jul 2017 08:06:52 -0700 

Hi,
I've the problem to use the certficates generated by openxpki.
I made these steps to generate the certificate using openxpki:
1) Login with raop user to the site http://localhost/openxpki
2) Request -> Request certificate, Select TLS Client and press "continue"
button
3) Click on "Generate key on server" button
4) Select
    - Key Algorithm: RSA
    - Key Encryption Method: AES 256 bit
    - Key length: 2048 bit
    - Password Method: Generate password on server
   Press continue and generate password.
5) Into Edit Subject Form, I specified:
    - Hostname: www.forensor.com <http://www.mysite.com>
    - Application Name: scep
6) Into Edit Certificate Info Form, I specified my firstname, lastname,
Email address and affilation System Owner
7) Into "Review request" Form, I press "Submit request" button
8) Into "Request awaits approval" Form, I press "Approve Request"

After these steps, I downloaded the following files:
- .crt certificate
- .key keyword
-  PEM bundle

I used this file into my nodejs server:

*var https = require("https");*
*var fs =  require("fs");*

*var options = {*
* ca: fs.readFileSync('www.forensor.com-scep.bundle'),*
* key: fs.readFileSync('www.forensor.com-scep.key'),*
* cert: fs.readFileSync('www.forensor.com-scep.crt'),*
* passphrase: 'DfgdfYREsasrer83Ss.45sdas'*
*};*

*var server = https.createServer(options, function(request, response){*
*  response.writeHead(200, {"Content-Type": "text/html"});  *
*  response.write("<html>");*
*  response.write("<head>");*
*  response.write("<title>Hello World Page</title>");*
*  response.write("</head>");*
*  response.write("<body>");*
*  response.write("Hello World!");*
*  response.write("</body>");*
*  response.write("</html>");*
*  response.end(); *
*});*


*server.listen(443, 'localhost');*
*console.log("Server is listening");*


Unfortunately, The browser responded with this error: NET::ERR_CERT_INVALID
Furthermore, the site is not "secure":

[image: Immagine incorporata 2]

I expect this behavior:

[image: Immagine incorporata 3]

Where is the problem????
Is my procedure correct? Is the certficates generated by openxpki secure???

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users

Reply via email to