mac验证失败使用节点与SSL证书
问题描述:
在节点api文档中指定我尝试使用openssl自我创建和签名证书的第一个。一切都很顺利,除了事实上无法从android测试客户端,因为它需要一个ca证书。当我尝试第二种方法(即以PFX,而不是用钥匙,CERT)https.createserver抛出一个错误mac验证失败使用节点与SSL证书
crypto.js:145
c.context.loadPKCS12(pfx);
^
Error: mac verify failure
at Object.exports.createCredentials (crypto.js:145:17)
at Server (tls.js:1130:28)
at new Server (https.js:35:14)
at Object.exports.createServer (https.js:54:10)
at Object.<anonymous> (C:\iTollonServer\iTollonServer\iTollonServer\app.js:105:7)
at Module._compile (module.js:456:26)
at Object.Module._extensions..js (module.js:474:10)
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
at Function.Module.runMain (module.js:497:10)
从节点API代码:在PFX情况下
// curl -k https://localhost:8000/
var https = require('https');
var fs = require('fs');
var options = {
key: fs.readFileSync('test/fixtures/keys/agent2-key.pem'),
cert: fs.readFileSync('test/fixtures/keys/agent2-cert.pem')
};
https.createServer(options, function (req, res) {
res.writeHead(200);
res.end("hello world\n");
}).listen(8000);
Or
var https = require('https');
var fs = require('fs');
var options = {
pfx: fs.readFileSync('server.pfx')
};
https.createServer(options, function (req, res) {
res.writeHead(200);
res.end("hello world\n");
}).listen(8000);
答
以及您应该添加如果你正在寻找在MAC node.js的实施样本apnagent样本选择
passphrase: 'password'
,像我这样的,原来的样本文件不完整仅通过设置** agent.set(“PFX文件”, pfx); **,你还需要添加一个li ne as:** agent.set(“passphrase”,); **以避免mac验证失败 –
以下是有关参数的文档:https://nodejs.org/api/tls的.html#tls_tls_createserver_options_secureconnectionlistener – Coreus