Node.js SSL authentication
Question
I set up a HTTPS node.js server, but I'm having trouble understanding how to use it correctly.
app.get('/test', function(req, res){
console.log('got in');
if(req.client.authorized){
res.send(200, 'certified');
}else{
res.send(200, 'idk who you are');
}
});
require('https').createServer({
key: fs.readFileSync('key.pem'),
cert: fs.readFileSync('cert.pem'),
requestCert: true,
rejectUnauthorized: false
}, app).listen(8080);
What does the client have to do to be 'authorized' on my server?
I can browse to
https://localhost:8080/test
and it tells me that my certificate isn't trusted (that's okay, the SSL is self signed for now.). I proceed anyway but I always go to 'idk who you are', meaning the SSL authentication failed.
I'm pretty sure I'm missing a step here.
PS, if it is important, I am setting up SSL for encryption purposes.
1 answers
solution1
1 2014-06-25 16:56:08
The authorized property is false because the certificate provided by the client is not signed by a trusted certificate authority. Being as rejectUnauthorized is false, the connection is not rejected, rather it is marked as un-authorized.
See here - https://github.com/joyent/node/blob/master/lib/_tls_wrap.js#L512
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.