Reputation: 864
Node.js SSL authentication
I set up a HTTPS node.js server, but I'm having trouble understanding how to use it correctly.
app.get('/test', function(req, res){
console.log('got in');
if(req.client.authorized){
res.send(200, 'certified');
}else{
res.send(200, 'idk who you are');
}
});
require('https').createServer({
key: fs.readFileSync('key.pem'),
cert: fs.readFileSync('cert.pem'),
requestCert: true,
rejectUnauthorized: false
}, app).listen(8080);
What does the client have to do to be 'authorized' on my server?
I can browse to
https://localhost:8080/test
and it tells me that my certificate isn't trusted (that's okay, the SSL is self signed for now.). I proceed anyway but I always go to 'idk who you are', meaning the SSL authentication failed.
I'm pretty sure I'm missing a step here.
P.S., if it is important, I am setting up SSL for encryption purposes.
Upvotes: 1
Views: 690
Answers (1)
Reputation: 25071
The authorized property is false because the certificate provided by the client is not signed by a trusted certificate authority. Being as rejectUnauthorized is false, the connection is not rejected, rather it is marked as un-authorized.
See here - https://github.com/joyent/node/blob/master/lib/_tls_wrap.js#L512
Upvotes: 1
Related Questions
- nodejs - error self signed certificate in certificate chain
- How to use HTTPS with Node.js
- https request basic authentication node.js
- Setting up SSL with node.js
- Nodejs Https Certification
- Node JS API Authentication
- node.js SSL encryption without authentication
- Client ssl authorization on node.js
- https ssl password in node js 0.4
- node js tls1.2 and authentication