[英]Broken HTTPS SSL in express-js server (net::ERR_CERT_COMMON_NAME_INVALID)
[英]Chrome (net::ERR_CERT_COMMON_NAME_INVALID) errors on SSL self-signed certificate
我正在尝试在 Windows 10 上使用Express.js的自签名证书在本地主机上设置一个站点。这是 Express.js 服务器代码。
索引.js
const https = require('https')
const express = require('express')
const app = express()
const fs = require('fs')
const path = require('path')
const httpsOptions = {
cert: fs.readFileSync(path.resolve(__dirname, 'ssl', 'ca.crt')),
key: fs.readFileSync(path.resolve(__dirname, 'ssl', 'ca.key'))
}
const router = require('./router')
app.use('/people', router)
https.createServer(httpsOptions, app)
.listen(3443)
我还将证书颁发机构ca.crt文件导入到 chrome,并重新启动了 chrome。 但是我在 chrome 上仍然有错误,如下所示:
请指导如何解决这个问题谢谢
我使用以下命令创建了密钥和证书。
# certificate authority key
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out ca.key
# server key
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out server.key
# certificate authority
openssl req -new -x509 -days 365 -key ca.key -subj "/CN=Test CA/O=Test Organization" -out ca.crt
# certificate signing request
openssl req -new -key server.key -subj "/CN=localhost/O=Test Organization" -out server.csr
# server certificate
openssl x509 -days 365 -req -in server.csr -CAcreateserial -CA ca.crt -CAkey ca.key -out server.crt
# verification
openssl verify -verbose -CAfile ca.crt server.crt
系统信息
花了几个小时试图解决这个问题。 以下方式对我有用:
创建一个配置文件(例如 req.cnf)
[req]
distinguished_name = req_distinguished_name
x509_extensions = v3_req
prompt = no
[req_distinguished_name]
C = US
ST = VA
L = SomeCity
O = MyCompany
OU = MyDivision
CN = local.com
[v3_req]
keyUsage = critical, digitalSignature, keyAgreement
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1 = local.com
IP.1 = 127.0.0.1
然后生成证书和私钥
openssl req -x509 -nodes -days 730 -newkey rsa:2048 -keyout local.com.key -out local.com.crt -config req.cnf -sha256
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.