问题描述

在Node api doc中指定我尝试使用openssl自带创建并签名的第一个证书。一切都很顺利，除了无法从Android测试客户端这一事实，因为它需要一个ca证书。当我尝试第二种方法（使用pfx但不使用密钥，cert）时，https.createserver会抛出错误

as specified in the Node api doc I tried the first one with a self created and signed cert using openssl. Everything was going fine except the fact that the couldn't test the client side from an android because it was needed a ca certificate. When I try the second method (that with pfx and not with key,cert) https.createserver throws an error

crypto.js:145
      c.context.loadPKCS12(pfx);
                ^
Error: mac verify failure
    at Object.exports.createCredentials (crypto.js:145:17)
    at Server (tls.js:1130:28)
    at new Server (https.js:35:14)
    at Object.exports.createServer (https.js:54:10)
    at Object.<anonymous> (C:\iTollonServer\iTollonServer\iTollonServer\app.js:105:7)
    at Module._compile (module.js:456:26)
    at Object.Module._extensions..js (module.js:474:10)
    at Module.load (module.js:356:32)
    at Function.Module._load (module.js:312:12)
    at Function.Module.runMain (module.js:497:10)

来自Node Api的代码：

code from Node Api:

// curl -k https://localhost:8000/
var https = require('https');
var fs = require('fs');

var options = {
  key: fs.readFileSync('test/fixtures/keys/agent2-key.pem'),
  cert: fs.readFileSync('test/fixtures/keys/agent2-cert.pem')
};

https.createServer(options, function (req, res) {
  res.writeHead(200);
  res.end("hello world\n");
}).listen(8000);
Or

var https = require('https');
var fs = require('fs');

var options = {
  pfx: fs.readFileSync('server.pfx')
};

https.createServer(options, function (req, res) {
  res.writeHead(200);
  res.end("hello world\n");
}).listen(8000);

推荐答案

在pfx情况下你应该添加选项

well in the pfx case you should add the option

passphrase: 'password'

这篇关于mac使用带有ssl证书的Node验证失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！