IdanHen

Reputation: 266

How to create a Node.js SSL server?

Node.js version: 0.8.6

I have created an SSL CSR file using openssl with the following command:

openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out myserver.csr

Now I wanted to create an SSL secure server:

var fs = require("fs");
var https = require('https');
var credentials = {
    key: fs.readFileSync(options.base_project_folder + 'privatekey.pem'),
    cert: fs.readFileSync(options.base_project_folder + 'certificate.pem')
};
var server = https.createServer(credentials, app);
server.listen(port, address, function() {
    var addr = this.address();
    console.log('listening on %s:%d', addr.address, addr.port);
});

The server is running, but I get: "SSL connection error"

Trying to check the problem, I did:

openssl s_client -connect my_dns:443 // my_dns points to my Node.js server, of course

RESULT:

CONNECTED(00000003)
139813382997664:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:
no peer certificate available
No client certificate CA names sent
SSL handshake has read 0 bytes and written 226 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE

Can anyone help me? I lost my way in the SSL darkness :(

Upvotes: 7

Views: 7031

Answers (3)

user5216459

How to do this through Cloudflare?

Create your websocket.js with the obvious SSL credentials

var fs = require('fs');
var https = require('https');
var credentials = {
    key: fs.readFileSync('/location/to/privatekey.pem'),
    cert: fs.readFileSync('/location/to/certificate.pem')
};
// `app` is the request handler defined elsewhere in your application
var server = https.createServer(credentials, app);

1) Sign up to Cloudflare

2) Point your domain DNS server to Cloudflare NS servers

3) Generate an origin certificate and save both the private key and certificate to your server as privatekey.pem & certificate.pem

4) Make sure you're using an SSL port in your websocket and that your router firewall allows this port.

Upvotes: 0

talentedmrjones

Reputation: 8111

Try adding the CA like so:

var credentials = {
  key: fs.readFileSync(options.base_project_folder + 'privatekey.pem'),
  cert: fs.readFileSync(options.base_project_folder + 'certificate.pem'),
  ca: fs.readFileSync('/path/to/CA/cert')
};

The docs say that the options argument is similar to tls.createServer.

Upvotes: 8

mr.freeze

Reputation: 14062

I believe you need to specify a CA certificate for the signer as well. Since this is not a self signed certificate you should have received a bundle from wherever you got the cert.

A couple links that should help:

http://qugstart.com/blog/node-js/install-comodo-positivessl-certificate-with-node-js/
http://www.gettingcirrius.com/2012/06/securing-nodejs-and-express-with-ssl.html

Upvotes: 1
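
A preflight check for the three PEM inputs this thread passes to https.createServer (key, cert, ca), added here as an example and not taken from any of the posts above. It flags a CSR supplied where a signed certificate is expected and counts the certificates in a CA bundle; all function names and the sample PEM text are constructed for illustration, and keys are assumed unencrypted, as `openssl req -nodes` produces.

```javascript
'use strict';
// Added example; all names are hypothetical. Assumes unencrypted keys
// (as produced by `openssl req -nodes`), i.e. no Proc-Type/DEK-Info headers.

// Split PEM text into { label, der } blocks.
function parsePemBlocks(text) {
  var re = /-----BEGIN ([A-Z0-9 ]+)-----\r?\n([A-Za-z0-9+\/=\r\n]+?)-----END \1-----/g;
  var blocks = [], m;
  while ((m = re.exec(text)) !== null) {
    blocks.push({ label: m[1], der: Buffer.from(m[2].replace(/\s+/g, ''), 'base64') });
  }
  return blocks;
}

var KEY_LABELS = ['PRIVATE KEY', 'RSA PRIVATE KEY', 'EC PRIVATE KEY'];

// Check the strings destined for the key/cert/ca options of https.createServer().
function checkTlsOptions(pem) {
  var problems = [];
  var key = parsePemBlocks(pem.key || '');
  var cert = parsePemBlocks(pem.cert || '');
  var ca = parsePemBlocks(pem.ca || '');
  if (key.length !== 1 || KEY_LABELS.indexOf(key[0].label) === -1) {
    problems.push('key: expected exactly one unencrypted private key');
  }
  if (cert.length === 0) {
    problems.push('cert: no PEM block found');
  } else if (/CERTIFICATE REQUEST$/.test(cert[0].label)) {
    problems.push('cert: this is a CSR, not a CA-signed certificate');
  } else if (cert[0].label !== 'CERTIFICATE') {
    problems.push('cert: unexpected block type ' + cert[0].label);
  }
  ca.forEach(function (b, i) {
    if (b.label !== 'CERTIFICATE') problems.push('ca[' + i + ']: not a certificate');
  });
  // Keys, CSRs and certificates are all DER SEQUENCEs, so byte 0 must be 0x30.
  key.concat(cert, ca).forEach(function (b) {
    if (b.der[0] !== 0x30) problems.push(b.label + ': body is not DER');
  });
  return { problems: problems, caCount: ca.length };
}

// Constructed placeholder PEM text: correct framing, meaningless body.
function samplePem(label, body) {
  return '-----BEGIN ' + label + '-----\n' + (body || 'MIIBAAAAAAAA') +
    '\n-----END ' + label + '-----\n';
}

var bad = checkTlsOptions({ key: samplePem('PRIVATE KEY'), cert: samplePem('CERTIFICATE REQUEST') });
console.log(bad.problems);
```

This checks framing and block types only; it does not verify that the private key belongs to the certificate or that the CA bundle actually chains to it.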
