CODEWITHSUNDEEP
node.jsexpresssslhttps
Hankrecords
Hankrecords

Reputation: 365

Broken HTTPS SSL in express-js server (net::ERR_CERT_COMMON_NAME_INVALID)

I have an express js application that I want to listen on HTTPS.

I had a .key file and a .crt file that were already in PEM format (they contained readable text, as this answer says to check), so I used OpenSSL with these commands (taken from the answer linked above, and before finding that answer I had tried using the .key and .crt files I already had and using .pem files created by just renaming those two files into .pem, with no success):

openssl x509 -in public.crt -out public.pem -outform PEM

openssl rsa -in private.key -out private.pem -outform PEM

When I try to access the website at https://localhost, though, this is the error I get:

Chrome HTTPS Error

How can I make it work as intended?

Note that the certificate and key are VALID since I'm already using them on an existing website, it's not a self-signed test certificate.

Also, the client page tries to get the resource "/hey" but in addition to the HTTPS error in the certificate, instead of the resource the page gets a response that says "Cannot GET/"

Here is the code to the node.js app:

var express = require('C:/Users/f.fiore/AppData/Roaming/npm/node_modules/express');

var fs = require('fs');
var http = require('http');
var https = require('https');
var key = fs.readFileSync('./private.key');
var cert = fs.readFileSync('./public.crt')
var options = {
    key: key,
    cert: cert
};
var PORT = 8000;
var HOST = 'localhost';

var app = express();

var httpServer = https.createServer(app);
var httpsServer = https.createServer(options, app);

httpServer.listen(PORT);

httpsServer.listen(443);    

// routes
app.get('/hey', function(req, res) {
    sendToClient("HO!", res, 200, "text/plain");
});

function getHeader(type){
    return {"Content-Type": type};
}

function sendToClient(data, res, code, type){
    res.writeHead(code, getHeader(type));
    (type === "text/html" || type === "text") ? res.end(data, "utf-8") : res.end(data);
}

Upvotes: 1

Views: 10604

Answers (1)

Volem
Volem

Reputation: 636

Your certificate is valid, however the provider of the certificate is not the original issuer of this certificate.

So you need to provide the whole chain certificate at your localhost to make it work. https://certificatechain.io/ seems like they are providing a service for this, but haven't tried. Better way is to check with your certificate provider.

Self signed certificates also bring such an error.

EDIT Seems like the problem was more basics. Updating the solution

Try to play with your etc/hosts file to show the real domain name at your localhost. Right now it is looking for a domain called localhost and I don't think that you get a certificate for your localhost :) \Windows\System32\drivers\etc\hosts at windows environment

For your basic request of /hey please insert this codeblock

app.get('/hey', function(req, res){
    res.send('HO!');
});

Upvotes: 2

Related Questions