Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

NodeJS: Validate certificate in DER format

I'm using crypto module to validate a certificate, but both, my certificate and my public key are in DER format. It seems that crypto module does not accept this format.

Is there a way (or module) to convert DER to PEM format using NodeJS? I couldn't find any and cannot use command line to call openssl via shell.

UPDATE: It's not about HTTPS certificates. It's about general X.509 certificates. And if you mark the question as negative, please leave a comment to justify it. Don't be a stupid if you are not able to help.

like image 266
blzn Avatar asked Aug 13 '15 15:08

blzn


People also ask

What is DER format?

DER (Distinguished Encoding Rules) is a binary encoding for X. 509 certificates and private keys. Unlike PEM, DER-encoded files do not contain plain text statements such as -----BEGIN CERTIFICATE----- . DER files are most commonly seen in Java contexts.

What is rejectUnauthorized?

rejectUnauthorized : If true , the server certificate is verified against the list of supplied CAs. An error event is emitted if verification fails; err. code contains the OpenSSL error code.

What is Node_extra_ca_certs?

NODE_EXTRA_CA_CERTS. From Node version 7.3. 0, NODE_EXTRA_CA_CERTS environment variable is introduced to pass in a CA certificate file. This allows the “root” CAs to be extended with the extra certificates in the file. The file should consist of one or more trusted certificates in PEM format.


1 Answers

I think the PEM format is just the DER binary data that has been base64 encoded, split into 64 character lines, and wrapped between '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----'.

So you could do this:

var prefix = '-----BEGIN CERTIFICATE-----\n';
var postfix = '-----END CERTIFICATE-----';
var pemText = prefix + derBuffer.toString('base64').match(/.{0,64}/g).join('\n') + postfix;

You will not need to put a '\n' before the postfix because the last match of the der buffer should be an empty string '', so there will be a '\n' at the end of derBuffer.toString('base64').match(/.{0,64}/g).join('\n')

like image 181
Nick Sotiros Avatar answered Nov 05 '22 21:11

Nick Sotiros