user1861458

Socket.io/Node.js and SSL

I recently bought an SSL certificate from Comodo. They sent me these files:

AddTrustExternalCARoot.crt
PositiveSSLCA2.crt
mydomain.crt

I then created my private key and ca-bundle like so:

openssl genrsa -des3 -out mydomain.key 1024
cat PositiveSSLCA2.crt AddTrustExternalCARoot.crt > mydomain.ca-bundle

This is the code I'm using to put it all together. I get an SSL connection error in Chrome.

var fs = require('fs');

// Read the key, the certificate and the CA bundle as strings
var privateKey = fs.readFileSync('./mydomain.key').toString();
var certificate = fs.readFileSync('./mydomain.crt').toString();
var ca = fs.readFileSync('./mydomain.ca-bundle').toString();

var io = require('socket.io').listen(1200, { key:privateKey,cert:certificate,ca:ca });

Upvotes: 0

Views: 660

Answers (1)

josh3736

Reputation: 144912

You generate your private key before you are issued a certificate.

A certificate is created when a CA signs the public key that goes with a particular private key. You generate a private key, then you create a CSR which includes the public key. The CA sends you back a certificate.

You must have generated a private key at some point before you got a certificate – you have to use that. If you try to use a private key that you generate after the certificate is issued, it will obviously not match the public key in your certificate.


Also, node's tls module cannot parse certificate bundles. You have to pass each certificate separately in an array.

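var fs = require('fs');

// TLS options: each CA certificate is its own entry in the ca array
var options = {
    key: fs.readFileSync('mydomain.key'),
    cert: fs.readFileSync('mydomain.crt'),
    ca: [ fs.readFileSync('AddTrustExternalCARoot.crt'), fs.readFileSync('PositiveSSLCA2.crt') ]
};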

The docs have more detail.

Upvotes: 1
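
The key/certificate mismatch described in the answer can be checked before the server is started. This is an added example, not part of the original question or answer; the function names `spkiOf`, `keyMatchesCert` and `demo` are hypothetical, and in the constructed sample a public key PEM stands in for the certificate because Node's crypto module cannot issue one.

```javascript
// Added example: confirm that a private key belongs to a certificate.
const crypto = require('crypto');

// DER-encoded SubjectPublicKeyInfo of a certificate or public key given as PEM.
function spkiOf(pem) {
  // createPublicKey() accepts an X.509 certificate PEM as well as a public key PEM.
  return crypto.createPublicKey(pem).export({ type: 'spki', format: 'der' });
}

// True when privateKeyPem is the private half of the public key in certPem.
// passphrase is required for encrypted keys, e.g. one made with `openssl genrsa -des3`.
function keyMatchesCert(certPem, privateKeyPem, passphrase) {
  const input = passphrase === undefined
    ? { key: privateKeyPem }
    : { key: privateKeyPem, passphrase };
  const priv = crypto.createPrivateKey(input);
  // Derive the public key from the private key and compare it byte for byte.
  const derived = crypto.createPublicKey(priv).export({ type: 'spki', format: 'der' });
  return derived.equals(spkiOf(certPem));
}

// Constructed sample: two fresh key pairs. The first public key plays the role of
// the issued certificate; the second private key plays a key generated afterwards.
function demo() {
  const opts = {
    namedCurve: 'prime256v1',
    publicKeyEncoding: { type: 'spki', format: 'pem' },
    privateKeyEncoding: {
      type: 'pkcs8', format: 'pem', cipher: 'aes-256-cbc', passphrase: 'example',
    },
  };
  const original = crypto.generateKeyPairSync('ec', opts);
  const later = crypto.generateKeyPairSync('ec', opts);
  return {
    original: keyMatchesCert(original.publicKey, original.privateKey, 'example'),
    regenerated: keyMatchesCert(original.publicKey, later.privateKey, 'example'),
  };
}

console.log(demo()); // { original: true, regenerated: false }
```

With real files, pass the contents of `mydomain.crt` and `mydomain.key` (plus the key's passphrase) to `keyMatchesCert`; a `false` result means the key is not the one the CSR was built from.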
