4

I created all need certificate for communication between client.js and server.js.Wenn i start client.js with node client.js while server is running. I get error:self signed certificate. But i constantly have problem with ca authority. How to create valid certificate if that is a problem?

This is my client.js script:

var tls = require('tls');
var fs = require('fs');

var options = {
  // These are necessary only if using the client certificate authentication (so yeah, you need them)
  key: fs.readFileSync('client-private-key.pem'),
  cert: fs.readFileSync('client-certificate.pem'),

  // This is necessary only if the server uses the self-signed certificate
  ca: [ fs.readFileSync('../server/server-certificate.pem') ]
};

var cleartextStream = tls.connect(443, options, function() {
  console.log('client connected',
              cleartextStream.authorized ? 'authorized' : 'unauthorized');
  process.stdin.pipe(cleartextStream);
  process.stdin.resume();
});
cleartextStream.setEncoding('utf8');
cleartextStream.on('data', function(data) {
  console.log(data);
});
cleartextStream.on('end', function() {
  server.close();
});

This is my server.js:

var tls = require('tls');
var fs = require('fs');

var options = {
  key: fs.readFileSync('server-private-key.pem'),
  cert: fs.readFileSync('server-certificate.pem'),

  // This is necessary only if using the client certificate authentication.
  // Without this some clients don't bother sending certificates at all, some do
  requestCert: true,

  // Do we reject anyone who certs who haven't been signed by our recognised certificate authorities
  rejectUnauthorized: true,

  // This is necessary only if the client uses the self-signed certificate and you care about implicit authorization
  ca: [ fs.readFileSync('../client/client-certificate.pem') ]

};

var server = tls.createServer(options, function(cleartextStream) {

  //Show the certificate info as supplied by the client
  console.log(cleartextStream.getPeerCertificate());

  console.log('server connected',
              cleartextStream.authorized ? 'authorized' : 'unauthorized');
  cleartextStream.write("welcome!\n");
  cleartextStream.setEncoding('utf8');
  cleartextStream.pipe(cleartextStream);
});
server.listen(443, function() {
  console.log('server bound');
});

Error is:

Error: self signed certificate
   at Error (native)
   at TLSSocket.<anonymous> (_tls_wrap.js:1017:38)
   at emitNone (events.js:67:13)
   at TLSSocket.emit (events.js:166:7)
   at TLSSocket._init.ssl.onclienthello.ssl.oncertcb.TLSSocket._finishInit (_tl
   s_wrap.js:582:8)
    at          TLSWrap.ssl.onclienthello.ssl.oncertcb.ssl.onnewsession.ssl.onhandshakedo
  ne (_tls_wrap.js:424:38)

P.S. I spent a lot of time(more then 12 hours) searching this on internet. So please no more tutorials

Filip Petrovic
  • 125
  • 1
  • 11
  • Possible duplicate of [How do I use a self signed certificate for a HTTPS Node.js server?](http://stackoverflow.com/questions/19665863/how-do-i-use-a-self-signed-certificate-for-a-https-node-js-server) – Marko Gresak Aug 02 '16 at 13:36
  • I edited it a little bit. I think it is explained better now. – Filip Petrovic Aug 02 '16 at 13:49

0 Answers0