Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

ERR_SSL_VERSION_OR_CIPHER_MISMATCH in node js

Tags:

node.js

ssl

server

tls1.2

I recently purchased a personal ssl certificate from Positive ssl. After i got everything sorted out with activating it and the validation, I was finally able to download the certificate files.

The files i got were:

www.niknet.ddns.net.ca-bundle
www.niknet.ddns.net.crt
www.niknet.ddns.net.p7b

Before I only used .key and .crt and it worked great but now i am using the .ca-bundle and the .crt file this is the code i use to include those files into the ssl library in node js

var httpPort = process.env.PORT || 80;
var httpsPort = process.env.PORT || 443;
var server = http.createServer(app).listen(httpPort);
var server = https.createServer({
    secureProtocol : 'TLSv1_2_server_method',
    ciphers : "AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH",
    honorCipherOrder : true,
    ca: fs.readFileSync(__dirname + '/niknet_ddns_net.ca-bundle'),
    cert: fs.readFileSync(__dirname + '/niknet_ddns_net.crt')

    },app).listen(httpsPort);
var io = require('socket.io').listen(server);

but I can't for the life of me get the certificate to work properly. I just get this error

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

I've been reading other posts and have tried adding their code but nothing works. I also read somewhere that the ssl or tls library for node.js is outdated and that my certificate could be too new. If that's true, are there any other third-party ssl libraries I could use?

like image 883
Nik Hendricks Avatar asked Oct 28 '25 17:10

Nik Hendricks

2 Answers

run this command:

openssl req -nodes -new -x509 -keyout server.key -out server.cert

Just remember to set this to localhost:

Common Name (e.g. server FQDN or YOUR name) []: localhost

then

 https.createServer({
    key: fs.readFileSync('./ssl/server.key'),
    cert: fs.readFileSync('./ssl/server.cert')
  },app)

ERR_SSL_VERSION_OR_CIPHER_MISMATCH will appear if the added certificate are not indicated properly in the first argument of createServer().

like image 123
Badr Bellaj Avatar answered Oct 31 '25 08:10

Badr Bellaj

tested key and crt with openssl using bellow command (try in browser https://hostname:8888).. and found the exact cipher missing.

openssl s_server -cert server.crt -key server.key -CAfile octopz.zende.sk.ca-bundle -accept 8888 -www

Then added to the nodejs code.

var server = https.createServer({
    key: privateKey,
    cert: certificate,
    ca: certificateAuthority,
    ciphers: [
        "ECDHE-RSA-AES128-SHA256",
        "DHE-RSA-AES128-SHA256",
        "AES128-GCM-SHA256",
        "RC4",
        "HIGH",
        "!MD5",
        "!aNULL"
    ].join(':'),
}, app);

it worked!!

like image 24
nipuna Avatar answered Oct 31 '25 07:10

nipuna
Sign in to Comment

Related questions

Passport.js always executing "failureRedirect"
Socket.io not sending cookies in the handshake causing the request to stall
JavaScript - Send email using AWS SES
Nginx remove port number :8080 in the url
After npm run deploy errors occured
Converting Java crypto code to NodeJS
Sign up with Twitter Error. Could not authenticate
Can't import global package in Node even though NODE_PATH is set?
How to sanitized HTML in React?
Npm not running in terminal vite
Docker Node permission denied when using non-root user
How can I get more colors for node.js console
How to refresh form page after POST request?
How do I add to 'view options' in Express?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!