本文介绍了使用godaddy gd_bundle.crt运行SSL node.js服务器的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我无法让我的SSL服务器使用来自godaddy的证书

I am having trouble getting my SSL server working with the certificate's from godaddy

使用Express:3.1.0

Using Express: 3.1.0

下面的内容是使用本地生成的密钥/ crt /不是由go daddy签名的(浏览器会抱怨,但如果添加例外情况则会有效。

var http = require('https');    
var privateKey  = fs.readFileSync('/var/www/dev/ssl/server.key').toString();
    var certificate = fs.readFileSync('/var/www/dev/ssl/server.crt').toString();
    var credentials = {key: privateKey, cert: certificate};
    var https = http.createServer(credentials, app);

对于godaddy,我提供了一个额外的文件gd_bundle.crt我相信你这样实现,但是我收到错误

var http = require('https');
    var privateKey  = fs.readFileSync('/var/www/prod/ssl/mysite.key').toString();
    var certificate = fs.readFileSync('/var/www/prod/ssl/mysite.com.crt').toString();
    var ca = fs.readFileSync('/var/www/prod/ssl/gd_bundle.crt').toString();
    var credentials = {key: privateKey, cert: certificate, ca: ca};
    var https = http.createServer(credentials, app);

使用此配置,我得到:错误107(net :: ERR_SSL_PROTOCOL_ERROR):SSL协议错误。

With this configuration I get: Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.

说实话,我不是在创建他们的密钥/证书我们的服务人员...我不确定如果我正在实施那些不正确的教父或者如果那里我可以解决问题是一种确保他正确设置密钥/ crt文件的方法....

Truth be told I am not creating they keys/certs our devops guy does... I am not sure how I can troubleshoot if I am implementing the godaddy ones incorrectly or if there is a way to ensure he setup the key/crt files correctly....

有没有人明显看错了?

推荐答案

节点要求CA链中的每个证书在数组中单独传递。 gd_bundle.crt 可能如下所示:

Node requires each certificate in the CA chain to be passed separately in an array. gd_bundle.crt probably looks like this:

-----BEGIN CERTIFICATE-----
MIIE3jCCA...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEADCCA...
-----END CERTIFICATE-----

每个证书都需要放在自己的文件中(即 gd1.crt gd2.crt )并单独阅读。

Each certificate needs to be put in its own file (ie gd1.crt and gd2.crt) and read separately.

https.createServer({
    key: fs.readFileSync('mysite.key'),
    certificate: fs.readFileSync('mysite.crt'),
    ca: [fs.readFileSync('gd1.crt'), fs.readFileSync('gd2.crt')]
});

这篇关于使用godaddy gd_bundle.crt运行SSL node.js服务器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-22 03:12