I have installed nodejs and ssl on my sever
and my app.js code
var sslOptions = {
key: fs.readFileSync('/etc/ssl/private/private.key'),
cert: fs.readFileSync('/etc/ssl/certs/cert.com.crt'),
requestCert: true,
ca: fs.readFileSync('/etc/ssl/certs/ca.crt'),
rejectUnauthorized: false
};
var secureServer = https.createServer(sslOptions,app).listen(443, function(){
console.log("Express server listening on port ");
});
Now when i check
https://www.sslshopper.com/
it is giving me error
The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. Learn more about this error. You can fix this by following Comodo's Certificate Installation Instructions for your server platform (use these instructions for InstantSSL). Pay attention to the parts about Intermediate certificates.
Any idea ?
How to fix this
How to Fix the Incomplete Certificate Chain Warning. To fix this issue, you need to modify/add an active intermediate certificate so if you are a Cloudways client then it is just a matter of copy and paste instead of running several commands on your server.
The easiest solution to resolve these errors is to use the “rejectUnauthorized” option shown below. However, this method is unsafe because it disables the server certificate verification, making the Node app open to MITM attack.
To download your intermediate certificate for installation on your server, follow these steps: After logging in, click “SSL Certificates” in the left navigation menu. Click on the name of the certificate you want to download. Click on the link to download the intermediate certificate.
Comment out the line where you add the ca bundle. Copy all the text from ca.crt and paste them in cert.com.crt(don't replace the previous cert, just paste under it). It should work fine now.
var sslOptions = {
key: fs.readFileSync('/etc/ssl/private/private.key'),
cert: fs.readFileSync('/etc/ssl/certs/cert.com.crt'),
requestCert: true,
//ca: fs.readFileSync('/etc/ssl/certs/ca.crt'),
rejectUnauthorized: false
};
var secureServer = https.createServer(sslOptions,app).listen(443, function(){
console.log("Express server listening on port ");
});
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With