
Running SSL node.js server with godaddy gd_bundle.crt

I am having trouble getting my SSL server working with the certificates from GoDaddy.

Using Express: 3.1.0

The code below works with a key/crt that was generated locally / not signed by GoDaddy (the browser complains, but if you add an exception it works).

    var fs = require('fs');
    var http = require('https');
    // Locally generated key and certificate (not signed by a CA)
    var privateKey  = fs.readFileSync('/var/www/dev/ssl/server.key').toString();
    var certificate = fs.readFileSync('/var/www/dev/ssl/server.crt').toString();
    var credentials = {key: privateKey, cert: certificate};
    // app is the Express application
    var https = http.createServer(credentials, app);

With GoDaddy I am provided an extra file, gd_bundle.crt, which I believe you implement like this; however, I am getting an error:

    var fs = require('fs');
    var http = require('https');
    var privateKey  = fs.readFileSync('/var/www/prod/ssl/mysite.key').toString();
    var certificate = fs.readFileSync('/var/www/prod/ssl/mysite.com.crt').toString();
    // The whole GoDaddy bundle is read and passed as a single string
    var ca = fs.readFileSync('/var/www/prod/ssl/gd_bundle.crt').toString();
    var credentials = {key: privateKey, cert: certificate, ca: ca};
    var https = http.createServer(credentials, app);

With this configuration I get: Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.

Truth be told, I am not creating the keys/certs; our devops guy does... I am not sure how I can troubleshoot whether I am implementing the GoDaddy ones incorrectly, or if there is a way to ensure he set up the key/crt files correctly...

Does anyone see anything blatantly obviously wrong?

nwkeeley asked Apr 25 '13 20:04



1 Answer

Node requires each certificate in the CA chain to be passed separately in an array. gd_bundle.crt probably looks like this:

-----BEGIN CERTIFICATE-----
MIIE3jCCA...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEADCCA...
-----END CERTIFICATE-----

Each certificate needs to be put in its own file (i.e. gd1.crt and gd2.crt) and read separately.

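var fs = require('fs');
var https = require('https');

https.createServer({
    key: fs.readFileSync('mysite.key'),
    cert: fs.readFileSync('mysite.crt'), // the option is named cert
    ca: [fs.readFileSync('gd1.crt'), fs.readFileSync('gd2.crt')] // one entry per CA certificate
});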
josh3736 answered Oct 13 '22 23:10
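
Added example (not part of josh3736's answer or of the original page): instead of splitting gd_bundle.crt into separate files by hand, the bundle can be split in code into the array that the answer passes as ca. The helper names splitPemBundle and buildCredentials are hypothetical, and SAMPLE_BUNDLE is constructed with placeholder bodies rather than real certificates.

```javascript
// Added example; splitPemBundle and buildCredentials are hypothetical helper names.
var BEGIN = '-----BEGIN CERTIFICATE-----';
var END = '-----END CERTIFICATE-----';

function countOf(text, marker) {
    return text.split(marker).length - 1;
}

// Returns an array of PEM strings, one certificate each, in file order.
function splitPemBundle(bundleText) {
    var text = String(bundleText).replace(/\r\n/g, '\n');

    // A CA bundle should hold only public certificates; refuse key material.
    if (/-----BEGIN [A-Z ]*PRIVATE KEY-----/.test(text)) {
        throw new Error('bundle contains a private key');
    }

    var certs = text.match(/-----BEGIN CERTIFICATE-----[\s\S]*?-----END CERTIFICATE-----/g) || [];
    // Every BEGIN must pair with an END, otherwise the file is truncated or damaged.
    if (certs.length === 0 ||
        countOf(text, BEGIN) !== certs.length ||
        countOf(text, END) !== certs.length) {
        throw new Error('bundle is empty or has unbalanced BEGIN/END markers');
    }
    return certs.map(function (pem) { return pem + '\n'; });
}

// Builds the options object for https.createServer(); all arguments are PEM text.
function buildCredentials(keyPem, certPem, bundlePem) {
    return { key: keyPem, cert: certPem, ca: splitPemBundle(bundlePem) };
}

// Constructed sample: placeholder bodies (not real certificates), CRLF line endings.
var SAMPLE_BUNDLE =
    BEGIN + '\r\nAAAA\r\n' + END + '\r\n' +
    BEGIN + '\r\nBBBB\r\n' + END + '\r\n';

console.log(splitPemBundle(SAMPLE_BUNDLE).length + ' certificates in sample bundle');

// Usage with the question's paths (app is the Express application):
//   var fs = require('fs');
//   var creds = buildCredentials(
//       fs.readFileSync('/var/www/prod/ssl/mysite.key', 'utf8'),
//       fs.readFileSync('/var/www/prod/ssl/mysite.com.crt', 'utf8'),
//       fs.readFileSync('/var/www/prod/ssl/gd_bundle.crt', 'utf8'));
//   require('https').createServer(creds, app);
```

The private-key check is there because a bundle file that accidentally contains key material should never be loaded as CA certificates.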