I have a server written in node which implements a secure two-way SSL web-server:
var https = require('https');
var express = require('express');
var app = express();
var options = {
  key: ...,
  cert: ...,
  ca: ...,
  // Ask every client for a certificate and drop the connection if it
  // does not verify against `ca`.
  requestCert: true,
  rejectUnauthorized: true
};
https.createServer(options, app).listen(port, host);
But for some unknown reason, the client fails to connect. So it would be great if I could get any logs on why the connection has failed.
So far, all the logs I can get come from app, which is an express object. But the problem is that when a connection is rejected due to a certificate issue, it does not reach express, so I get no error logs. How can I get logs from the https server?
The SSL or TLS handshake enables the SSL or TLS client and server to establish the secret keys with which they communicate. This section provides a summary of the steps that enable the SSL or TLS client and server to communicate with each other: Agree on the version of the protocol to use. Select cryptographic algorithms.
In overview, the steps involved in the SSL handshake are as follows: The SSL or TLS client sends a client hello message that lists cryptographic information such as the SSL or TLS version and, in the client's order of preference, the CipherSuites supported by the client.
To get started with HTTPS in Node.js, we will first need to include it in our project: To create the secure, HTTPS server, we can start by creating a self-signed SSL certificate for ourselves. Speaking of SSL certificates, there are two kinds: those signed by a Certificate Authority, also known as a CA, and those that are self-signed.
But there’s also an HTTPS module that we have to use in order to communicate over a secure channel with the client. This is a built-in module, and the usage is very similar to how we use the HTTP module: Ignore the /srv/www/keys/my-site-key.pem and /srv/www/keys/chain.pem files for the moment.
I've run into this problem as well, and while I couldn't come up with a solution that logs all the errors within the https module, I was able to get it to log debug information by using:
NODE_DEBUG='tls,https' node server.js
This isn't ideal, as it doesn't give you the exact error (e.g. Bad SSL Handshake) and the related traceback, but it does give you information like TLS: onhandshakestart, which lets you figure out if there was an error if you can't find a corresponding TLS: onhandshakeend in the logs.