NodeJs tls.createServer equivalent to Apache SSLCertificateChainFile?

Question

I have an Apache config for SSL like so:

SSLCertificateFile ~/certs/server.crt
SSLCertificateKeyFile ~/certs/server.key
SSLCertificateChainFile ~/certs/bundle.crt

Now in my NodeJs server, I am using grunt with grunt-connect as the server.

The documentation for grunt-connect says that it can be configured using the following syntax.

grunt.initConfig({
  connect: {
    server: {
      options: {
        protocol: 'https',
        port: 8443,
        key: grunt.file.read('server.key').toString(),
        cert: grunt.file.read('server.crt').toString(),
        ca: grunt.file.read('ca.crt').toString()
      },
    },
  },
});

I need this configuration to match my Apache configurations. It has a certificate file, and a key file, and also a bundle file.

Looking at the documentation for the tls.createServer in NodeJs, I do not see an option that looks like it could be equivalent to SSLCertificateChainFile.

How can I make my NodeJs connect server mirror the same SSL configuration as my Apache server?

EDIT

I will also award the bounty to someone who can do this:

Create a SSCCE Gruntfile that demonstrates how to configure connect to accept a server certificate and bundle certificate.

What have you been tested so far? What issue are you having? — Diosney, Mar 24 '14 at 20:02
@diosney I can start the server, but I get an error when I connect, saying unable to establish a secure connection. This is because I have not not started connect with the chain file, as I have with Apache. That's why I need to find out what the equivalent is - or some other way to make it work. — bguiz, Mar 25 '14 at 01:12

score 0 · Answer 1 · answered Mar 27 '14 at 15:01

0

You may try concatenating server.crt and ca.crt files in one file and using result in cert option. Don't use ca option, as per docs it is needed only 'if the client uses the self-signed certificate'.

answered Mar 27 '14 at 15:01

Jakub Fedyczak

2,174
1
13
15

@bguiz Order of certificate is important in concatenated file. Did you try all the combinations? – Jakub Fedyczak Mar 27 '14 at 22:42
I have tried both of `cert: grunt.file.read('server.crt').toString() + grunt.file.read('bundle.crt').toString(),` and `cert: grunt.file.read('bundle.crt').toString() + grunt.file.read('server.crt').toString(),`... neither worked. – bguiz Mar 28 '14 at 00:18
Jakub, if you could put together a [SSCCE](http://www.sscce.org/) `Gruntfile` with connect configured to accept a server certificate and bundle certificate and demonstrate how to do this, it would be much appreciated. – bguiz Mar 28 '14 at 01:01
@bguiz I don't have proper experience in grunt, but one last thing I would try is adding `'\n'` (newline) between certs while concatenating. Or using text editor to do so. – Jakub Fedyczak Mar 28 '14 at 08:10

NodeJs tls.createServer equivalent to Apache SSLCertificateChainFile?

EDIT

1 Answers1