Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Can nodejs generate SSL certificates?

I'm writing a proxy support HTTPS-HTTPS proxy. Before i use Python as the main programming language, but i'm interested in node.js now, so i prepare to migrate.

The largest problem i'm facing is that i don't know how to generate CA and other server certificates in node.js. In Python, there is pyOpenSSL which is awesome. I don't find something similar in node.js until now.

Maybe i should use openssl-fork method? But how to handle the interactive operation in openssl.

Thank you.

like image 736
ayanamist Avatar asked Mar 01 '12 16:03

ayanamist


People also ask

Can you create an HTTPS Web service with node js?

By simply installing the Express NodeJS package and creating a simple configuration script, you can have a secure web service running over HTTPS.

Can we generate SSL certificate?

You can use the OpenSSL toolkit to generate a key file and Certificate Signing Request (CSR) which can then be used to obtain a signed SSL certificate.

How do you resolve certificate errors in a node js app with SSL calls?

The easiest solution to resolve these errors is to use the “rejectUnauthorized” option shown below. However, this method is unsafe because it disables the server certificate verification, making the Node app open to MITM attack.


2 Answers

Use shell for certificate:

openssl genrsa -out server-key.pem 1024 openssl req -new -key server-key.pem -out server-csr.pem openssl x509 -req -in server-csr.pem -signkey server-key.pem -out server-cert.pem 

Then use them in node.js

var https = require('https'); https.createServer({     key: fs.readFileSync('server-key.pem'),     cert: fs.readFileSync('server-cert.pem') }, function (req,res) {       ...  }) 

EDIT:

You can also give a try to this project in NPM : https://npmjs.org/package/openssl-wrapper

I found it searching the NPM repo : https://npmjs.org/search?q=openssl

I did not tried or checked it myself, but it looks like a way to generate the certificate using node, which is the original question.

var openssl = require('openssl-wrapper'); var password = 'github';  return openssl.exec('genrsa', {des3: true, passout: 'pass:' + password, '2048': false}, function(err, buffer) {     console.log(buffer.toString()); }); 

I'd be interested by a feedback. ;)

like image 80
Nicocube Avatar answered Nov 04 '22 06:11

Nicocube


In case somebody does want to programatically create CSRs from node.js, I have created a nodejs module which uses openssl to create a private key and a CSR.

Edit: Use pem instead. It is much more complete and probably more reliable.

Edit2: Actually, pem is also just a simple wrapper over openssh. For a pure js implementation, look into forge

like image 43
Eric Vicenti Avatar answered Nov 04 '22 07:11

Eric Vicenti