John

Reputation: 6278

Nodejs certificate error while trying to create https server

I created an ssl certificate automatically with Let's Encrypt.

Now I'm trying to use them to create an HTTPS server with Node.js:

var https = require("https");

global.fs = require("fs");

var certContent = fs.readFileSync("/etc/letsencrypt/csr/0000_csr-certbot.pem", "utf8");
var keysContent = fs.readFileSync("/etc/letsencrypt/keys/0000_key-certbot.pem", "utf8");

console.log("Cert content:", certContent, keysContent);

var server = https.createServer(
{
    cert:certContent,
    key: keysContent
}, 
function(request, response)
{
    
});

On the create server call, it gives this error:

_tls_common.js:109
      c.context.setCert(cert);
                ^

Error: error:0906D06C:PEM routines:PEM_read_bio:no start line
    at Object.createSecureContext (_tls_common.js:109:17)
    at Server (_tls_wrap.js:853:25)
    at new Server (https.js:60:14)
    at Object.createServer (https.js:81:10)
    at Object.<anonymous> (/home/foo/public_html/main.js:167:20)
    at Module._compile (module.js:641:30)
    at Object.Module._extensions..js (module.js:652:10)
    at Module.load (module.js:560:32)
    at tryModuleLoad (module.js:503:12)
    at Function.Module._load (module.js:495:3)

The console log shows this output:

Cert content:

-----BEGIN CERTIFICATE REQUEST-----
// base64 here
-----END CERTIFICATE REQUEST-----

-----BEGIN PRIVATE KEY-----
// base64 here
-----END PRIVATE KEY-----

Why is it saying that the pem files are invalid when they have the correct header and footer?

Upvotes: 0

Views: 924

Answers (2)

John

Reputation: 6278

After following aRvi's and Steffen's advice, I attempted to recreate the SSL certificates.

It turns out that it was failing to create them due to an error in the apache plugin for certbot.

It was trying to use a folder name that didn't exist:

FileNotFoundError: [Errno 2] No such file or directory: '/etc/httpd/conf.d/le_http_01_challenge_pre.conf'

So I told it the correct folder to use with this:

sudo /usr/local/bin/certbot-auto certonly --apache --apache-challenge-location /etc/httpd/conf

I was getting this error:

certbot: error: unrecognized arguments: ––apache-challenge-location /etc/httpd/conf

This is because the two dashes in front of apache are the wrong dash character, since I copied it off a user-written blog that changed it incorrectly.

Upvotes: 0

Steffen Ullrich

Reputation: 123531

-----BEGIN CERTIFICATE REQUEST-----
// base64 here
-----END CERTIFICATE REQUEST-----

You are only providing a certificate request here. But it is expected that you actually provide the certificate, which will look like this:

-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----

The certificates are probably somewhere below /etc/letsencrypt/live.

Upvotes: 1
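
The distinction in the answer above can be checked before the files reach https.createServer(). The following is an added example, not code from the question or either answer; the names pemLabels and checkTlsMaterial are hypothetical, and it classifies PEM blocks by label only, without parsing the base64 body.

```javascript
// Added example, not code from the question or answers. It inspects only the
// PEM labels; the sample PEM text is constructed with placeholder bodies.
const PEM_BLOCK = /-----BEGIN ([A-Z0-9 ]+)-----[\s\S]*?-----END ([A-Z0-9 ]+)-----/g;
const KEY_LABELS = new Set([
  "PRIVATE KEY", "RSA PRIVATE KEY", "EC PRIVATE KEY", "ENCRYPTED PRIVATE KEY",
]);
const CSR_LABELS = new Set(["CERTIFICATE REQUEST", "NEW CERTIFICATE REQUEST"]);

// Return the label of every PEM block in `text`, in file order.
function pemLabels(text) {
  const labels = [];
  for (const m of text.matchAll(PEM_BLOCK)) {
    if (m[1] !== m[2]) {
      throw new Error(`mismatched PEM markers: BEGIN ${m[1]} / END ${m[2]}`);
    }
    labels.push(m[1]);
  }
  return labels;
}

// Return a list of problems; an empty list means the block types are the ones
// the `cert` and `key` options of https.createServer() expect.
function checkTlsMaterial(certPem, keyPem) {
  const problems = [];
  const certLabels = pemLabels(certPem);
  if (certLabels.length === 0) problems.push("cert: no PEM block found");
  for (const label of certLabels) {
    if (CSR_LABELS.has(label)) {
      problems.push("cert: this is a CSR, not the certificate issued by the CA");
    } else if (KEY_LABELS.has(label)) {
      problems.push("cert: file contains a private key");
    } else if (label !== "CERTIFICATE") {
      problems.push(`cert: unexpected block type "${label}"`);
    }
  }
  if (!pemLabels(keyPem).some((label) => KEY_LABELS.has(label))) {
    problems.push("key: no private key block found");
  }
  return problems;
}

// Constructed inputs: the question's CSR, and a two-certificate chain.
const pem = (label) => `-----BEGIN ${label}-----\nQUJD\n-----END ${label}-----\n`;
const csrFile = pem("CERTIFICATE REQUEST");
const chainFile = pem("CERTIFICATE") + pem("CERTIFICATE");
const keyFile = pem("PRIVATE KEY");

console.log(checkTlsMaterial(csrFile, keyFile));
console.log(checkTlsMaterial(chainFile, keyFile));
```

Running the check on the file contents at startup turns the opaque "no start line" failure into a message that names the wrong file type, and it reports problems without printing the private key to the console.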
