node.js和nginx SSL握手失败
[英]node.js and nginx SSL handshake failure
问题描述
I'm trying to create a basic SSL connection from a node.js app to a locally hosted nginx server; 
我正在尝试从node.js应用程序创建一个基本的SSL连接到本地托管的nginx服务器; it involves sending the client's credentials as well. 它还涉及发送客户端的凭据。 The handshake seems like it was successful as calling "verifyPeer" from within a "secure" event verifies that much. 握手似乎是成功的,因为从“安全”事件中调用“verifyPeer”验证了那么多。 However, the server continues to respond with nothing but a 400 response. 但是,服务器继续只响应400响应。
If I make the same request with curl on the command line, I get back what I expect: 如果我在命令行上使用curl发出相同的请求,我会回到我的期望:
curl -v -E curl-test.crt --cacert ca.crt https://internal.url:7443/some.file
"curl-test.crt" was created by concatenating the client key and certificate together. “curl-test.crt”是通过将客户端密钥和证书连接在一起而创建的。
Here is the smallest bit of node.js code needed to get a failure: 这是获取失败所需的最小的node.js代码:
global.util = require('util');
var fs = require('fs'),
http = require('http'),
crypto = require('crypto');
var clientCert = fs.readFileSync("tmp/cert.crt", 'ascii'),
clientKey = fs.readFileSync("tmp/key.key", 'ascii'),
caCert = fs.readFileSync("tmp/ca.crt", 'ascii');
var credentials = crypto.createCredentials({"key": clientKey, "cert": clientCert, "ca": caCert});
var client = http.createClient(7443, "internal.url", true, credentials);
client.addListener("secure", function() {
if (!client.verifyPeer()) {
throw new Exception("Could not verify peer");
}
});
var request = client.request('GET', '/some.file', {});
request.on('response', function(response) {
response.on('data', function(body) {
util.log("body: " + body);
});
});
request.end();
And here is the response I get, no matter what "some.file" is changed to: 这里是我得到的响应,无论“some.file”改为:
body: <html>
<head><title>400 Bad Request</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/0.6.32</center>
</body>
</html>
Any help in debugging or solving this issue would be fantastic 调试或解决此问题的任何帮助都会很棒
1 个解决方案
解决方案1
4 已采纳 2010-11-24 01:02:51
Are you getting this message in your nginx error log? 您是否在nginx错误日志中收到此消息?
2010/11/23 17:51:59 [info] 13221#0: *1 client sent HTTP/1.1 request without "Host" header while reading client request headers, client: 127.0.0.1, server: testme.local, request: "GET /some.file HTTP/1.1"
If so, you can fix it by simply adding the 'Host' header to your GET request like this: 如果是这样,您可以通过简单地将“主机”标头添加到您的GET请求来修复它,如下所示:
var request = client.request('GET', '/some.file', {'Host':'internal.url'});
Looks like nginx wants the Host header and node doesn't send it by default. 看起来nginx想要Host头,节点默认不发送它。 There's probably a way to configure nginx to default to the correct header value as well. 可能有一种方法可以将nginx配置为默认为正确的标头值。
Hope that helps! 希望有所帮助!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.