通过https服务的Node.js
[英]Node.js serving over https
问题描述
I'm testing Node.js application over https connection where I created certificates for localhost, 
我正在通过https连接测试Node.js应用程序,其中我为本地主机创建了证书,
Certificate creation, 证书创建,
$ openssl genrsa -out localhost.key 2048
$ openssl req -new -x509 -key localhost.key -out localhost.cert -days 3650 -subj /CN=localhost
Use this in server, 在服务器上使用它,
var options = {
key: fs.readFileSync('./localhost.key'),
cert: fs.readFileSync('./localhost.cert'),
};
var http2 = require('http2');
var app = express();
const server = http2.createSecureServer( options, app);
server.listen({ host: app_host, port: port});
Start the node.js server as, 启动node.js服务器,
$ node server.js
Tested using simple curl command as,
$ curl -k https://localhost:9000/getcpuinfo
{"hw": ...}
"-k" option is to ignote certificate validation step. “ -k”选项用于ignote证书验证步骤。
But if I try to use pythons 'requests' module as shown below the request fails, $ python import requests 但是,如果我尝试使用pythons'requests'模块,如下所示,请求失败,则$ python import requests
requests.get(" https://localhost:9000/getcpuinfo ") requests.exceptions.SSLError: ("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",)
So I used 'verify' option to make the request, it still fails. 因此,我使用“验证”选项进行了请求,但仍然失败。
requests.get(" https://localhost:9000/getcpuinfo ", verify=False) requests.exceptions.SSLError: ("bad handshake: SysCallError(-1, 'Unexpected EOF')",)
What am I doing wrong? 我究竟做错了什么? How do I workaround this issue using 'requests' module'? 如何使用“请求”模块解决此问题? Shouldn't 'verify' prevent the check? 不应该“验证”阻止检查吗?
3 个解决方案
解决方案1
0 2017-11-14 21:50:08
您无法通过本地主机生成https证书。
解决方案2
0 2017-11-14 22:15:41
The Python requests module does not connect to HTTP/2 servers, it only supports up to HTTP/1.1: Python请求模块不连接到HTTP / 2服务器,它仅支持HTTP / 1.1:
Requests allows you to send organic, grass-fed HTTP/1.1 requests , without the need for manual labor.
If you compile curl with HTTP/2 support, then it will work. 如果使用HTTP / 2支持编译curl,它将起作用。 The curl packages pre-installed on most Linux distros and MacOS aren't and probably won't work. 大多数Linux发行版和MacOS上预装的curl软件包无法使用,并且可能无法使用。
Since HTTP/2 support in Node is experimental and client support is pretty bad outside of modern web browsers, I would not suggest you use it at this time unless you're specifically targeting web browsers or want to use a HTTP/2-capable web server that can support both HTTP/2 and HTTPS. 由于Node中对HTTP / 2的支持是试验性的,并且在现代Web浏览器之外的客户端支持非常差,因此,除非您专门针对Web浏览器或要使用支持HTTP / 2的Web,否则我建议您此时不要使用它。同时支持HTTP / 2和HTTPS的服务器。
If you do need to connect to HTTP/2 servers from Python, there is the (also unstable) hyper module that does connect to a node.js HTTP/2 server. 如果确实需要从Python连接到HTTP / 2服务器,则有一个(也是不稳定的) hyper模块可以连接到node.js HTTP / 2服务器。 It currently doesn't allow you to disable certificate verification , so it will not be a drop-in replacement for requests. 当前, 它不允许您禁用证书验证 ,因此,它不能替代请求。
解决方案3
0 已采纳 2017-11-15 23:10:34
It seems that there is a utility as part of nghttp2 called 'h2load' which works out of box for both protocols (http/1 and http/2). nghttp2中似乎有一个名为“ h2load”的实用程序,它对两种协议(http / 1和http / 2)都是开箱即用的。 Thanks for all the answers/hints. 感谢您提供所有答案/提示。
https://nghttp2.org/documentation/h2load-howto.html#basic-usage https://nghttp2.org/documentation/h2load-howto.html#basic-usage
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.