How to log SSL handshake in node's https module

Question

I have a server written in node which implements a secure two-way SSL web-server:

var https = require('https');
var express = require('express');
var app = express();

var options {
  key: ...,
  cert: ...,
  ca: ...,
  requestCert: true,
  rejectUnauthorized: true
};
https.createServer(options, app).listen(port, host);

But for some unknown reason, the client fails to connect. So it would be great if I could get any logs on why the connection has failed.

So far, all the logs I can get come from app which is an express object. But the problem is that when a connection is rejected due to a certificate issues, it does not reach express so I get no error logs. How can I get logs from https server?

Answer 1

There is an option in the config for createServer called enableTrace that causes Node to print a ton of details about the handshake:

var options {
  key: ...,
  cert: ...,
  ca: ...,
  requestCert: true,
  rejectUnauthorized: true,
  enableTrace: true // Set this :)
};

See the docs for more info.

Answer 2

I've run into this problem as well and while I couldn't come up with a solution that logs all the errors within the https module, I was able to get it to log debug information by using:

NODE_DEBUG='tls,https' node server.js

This isn't ideal as it doesn't give you the exact error (eg: Bad SSL Handshake) and the related traceback, it does give you information like TLS: onhandshakestart which lets you figure out if there was an error if you can't find a corresponding TLS: onhandshakeend in the logs.