CODEWITHSUNDEEP
javascriptnode.jsexpresshttps
Zerok
Zerok

Reputation: 1503

Can't import .pem files to Express

I come from this other question which was left unanswered:

Well, I discovered something new. I still can't import my certificate and when I try to execute my Node/express app, it fails with the same error, but now I think that somehow, the fs package is not reading my .pem files correctly.

Take a look:

// Setup HTTPS
const httpsPort = 3443;
const options = {
  key: fs.readFileSync("./key.pem"),
  cert: fs.readFileSync("./cert.pem")
};

console.log("KEY: ", options.key)
console.log("CERT: ", options.cert)

var secureServer = https.createServer(options, app).listen(httpsPort, () => {
    console.log(">> CentraliZr listening at port "+httpsPort);
});

I get the following output:

C:\Zerok\dev\centralizr>node index.js
KEY:  <Buffer 2d 2d 2d 2d 2d 42 45 47 49 4e 20 50 52 49 56 41 54 45 20 4b 45 59 2d 2d 2d 2d 2d 0d 0a 70 52 39 37 51 33 6f 50 5a 5a 59 75 39 46 6c 31 54 6d 30 0d 0a ... >
CERT:  <Buffer 2d 2d 2d 2d 2d 42 45 47 49 4e 20 43 45 52 54 49 46 49 43 41 54 45 2d 2d 2d 2d 2d 0a 4d 49 49 45 4a 54 43 43 41 36 79 67 41 77 49 42 41 67 49 49 48 48 ... >
_tls_common.js:85
      c.context.setKey(options.key, options.passphrase);
                ^

Error: error:0906D064:PEM routines:PEM_read_bio:bad base64 decode
    at Error (native)
    at Object.createSecureContext (_tls_common.js:85:17)
    at Server (_tls_wrap.js:776:25)
    at new Server (https.js:26:14)
    at Object.exports.createServer (https.js:47:10)
    at Object.<anonymous> (C:\Zerok\dev\centralizr\index.js:29:26)
    at Module._compile (module.js:570:32)
    at Object.Module._extensions..js (module.js:579:10)
    at Module.load (module.js:487:32)
    at tryModuleLoad (module.js:446:12)

As you may imagine, this is not even similar to what a real certificate, nor key file, looks like. They have the following content (there is no problem showing them since they are free, autosigned keys just for testing purposes):

enter image description here

enter image description here

So... what's wrong? Why does Node read these files as... a hex buffer? I don't really understand.

UPDATE:

Ok, thanks to Derek Brown, I can now see the content of both files, though I keep getting the same error: "bad base64 decode":

_tls_common.js:85
      c.context.setKey(options.key, options.passphrase);
                ^

Error: error:0906D064:PEM routines:PEM_read_bio:bad base64 decode
    at Error (native)
    at Object.createSecureContext (_tls_common.js:85:17)
    at Server (_tls_wrap.js:776:25)
    at new Server (https.js:26:14)
    at Object.exports.createServer (https.js:47:10)
    at Object.<anonymous> (C:\Zerok\dev\centralizr\index.js:29:26)
    at Module._compile (module.js:570:32)
    at Object.Module._extensions..js (module.js:579:10)
    at Module.load (module.js:487:32)
    at tryModuleLoad (module.js:446:12)

Upvotes: 2

Views: 5001

Answers (2)

nnsk
nnsk

Reputation: 133

This is because the PEM file is not being parsed. The actual certificate is between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----. Yet the key and cert which are console.logged begin with 2d 2d 2d 2d 2d which is hex for -----.

This code should fix that issue:

options = {
  key: fs.readFileSync("./key.pem").split("-----")[3], 
  cert: fs.readFileSync("./cert.pem").split("-----")[3]
}

Upvotes: 0

Derek Brown
Derek Brown

Reputation: 4419

readFileSync(...) returns a hex buffer if no encoding is specified. You should specify the encoding as utf8 (or whatever file encoding you are using) so that this doesn't happen:

const options = { key: fs.readFileSync("./key.pem", "utf8"), cert: fs.readFileSync("./cert.pem","utf8") };

Upvotes: 3

Related Questions