操作系统:Windows 10
Node.js 版本:node-v8.11.4-win-x64
节点锻造版本:0.7.7-dev
人们,
我在尝试创建 Node.js https 服务器时遇到了困难。
服务器背后的想法是它仅适用于本地环回请求。
考虑到这一点并为了隐私,我想到了在每次服务器重新启动时更新一次性自签名证书。
根据建议,我尝试使用 node-forge 模块来生成一次性证书。
阅读他们的说明https://www.npmjs.com/package/node-forge我有一个非常简单的代码:
var https = require('https');
var forge = require('node-forge');
forge.options.usePureJavaScript = true;
var pki = forge.pki;
var keys = pki.rsa.generateKeyPair(2048);
var cert = pki.createCertificate();
cert.publicKey = keys.publicKey;
cert.serialNumber = '01';
cert.validity.notBefore = new Date();
cert.validity.notAfter = new Date();
cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear()+1);
var attrs = [
{name:'commonName',value:'example.org'}
,{name:'countryName',value:'US'}
,{shortName:'ST',value:'Virginia'}
,{name:'localityName',value:'Blacksburg'}
,{name:'organizationName',value:'Test'}
,{shortName:'OU',value:'Test'}
];
cert.setSubject(attrs);
cert.setIssuer(attrs);
cert.sign(keys.privateKey);
var pem_pkey = pki.publicKeyToPem(keys.publicKey);
var pem_cert = pki.certificateToPem(cert);
console.log(pem_pkey);
console.log(pem_cert);
https.createServer( { key:pem_pkey, cert:pem_cert },(req,res)=>
{
res.writeHead(200, {'Content-Type': 'text/plain'});
res.end('Hello World\n');
}).listen(443);
然后它会发出一个错误,我完全不知道发生了什么:
E:\forge_case\node-v8.11.4-win-x64>node.exe index.js
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTmxd1fWK+XL2Cp5+n82
mSe6iqM3qvwMEC+pIAlhpbangujOzKghnJaX4QsmBBBumNRN3zR2UOUAeYHmPS8v
3dbmgStB023aiFJ82ozewuGlykdQUFxWfR+OUA3xZcFZ7Ma+67tSJNtnkW4wNhzR
XImTCHYknu2dBAm7V2tGZKq/ZrKnY+f1VTW9t3jpw55ACjsFkMfqUenfDDAVFMwm
NnRpX1ecyVd2TEoeQ95k+q4Exm5AbxuqVMXVKHXMNZlq2ftG8tcrYS95Z3cAakVm
sxX8/BMZGZILG/30fdLPL8bZqGV+BXzz2AJ0egKLivunPtRpyI+Id0v1jYsrZ/9L
YwIDAQAB
-----END PUBLIC KEY-----
-----BEGIN CERTIFICATE-----
MIIDSzCCAjOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBpMRQwEgYDVQQDEwtleGFt
cGxlLm9yZzELMAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRMwEQYDVQQH
EwpCbGFja3NidXJnMQ0wCwYDVQQKEwRUZXN0MQ0wCwYDVQQLEwRUZXN0MB4XDTE4
MDgyMTE5Mzk1N1oXDTE5MDgyMTE5Mzk1N1owaTEUMBIGA1UEAxMLZXhhbXBsZS5v
cmcxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhWaXJnaW5pYTETMBEGA1UEBxMKQmxh
Y2tzYnVyZzENMAsGA1UEChMEVGVzdDENMAsGA1UECxMEVGVzdDCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAJE5sXdX1ivly9gqefp/NpknuoqjN6r8DBAv
qSAJYaW2p4LozsyoIZyWl+ELJgQQbpjUTd80dlDlAHmB5j0vL93W5oErQdNt2ohS
fNqM3sLhpcpHUFBcVn0fjlAN8WXBWezGvuu7UiTbZ5FuMDYc0VyJkwh2JJ7tnQQJ
u1drRmSqv2ayp2Pn9VU1vbd46cOeQAo7BZDH6lHp3wwwFRTMJjZ0aV9XnMlXdkxK
HkPeZPquBMZuQG8bqlTF1Sh1zDWZatn7RvLXK2EveWd3AGpFZrMV/PwTGRmSCxv9
9H3Szy/G2ahlfgV889gCdHoCi4r7pz7UaciPiHdL9Y2LK2f/S2MCAwEAATANBgkq
hkiG9w0BAQUFAAOCAQEAgTGiTF6BDLX3w1PfJxXYYzVBoN8NlL979mcfRVhvLH/N
lEaaQvGhDSrp97s9K0kEw3A16WzUwnysoX1uOdlHHp78v2tXaffDzXTnH75CN4pd
qNHuy05AFIoiBujZR67OR4ipcKZ9USYz0QZysMFyzCxum2btLPvrs+onIxdvsuA+
Xe9vFxj+AJ4hv03tDuQXj+pZ2dflWyy5ZdaMDeUjWtSK9MHPn6rs5Fs340B4NnxL
3Y6RKDj4CerGbtufR73UNirNfmbqiAybZ6vG1RaL2oBiHdoJfpB/FLm7QFn34apq
A1Kd1VPShBC4G/4S+0E6U84D4xNJcjT6NfzDGBD6Ng==
-----END CERTIFICATE-----
_tls_common.js:104
c.context.setKey(options.key, options.passphrase);
^
Error: error:0906D06C:PEM routines:PEM_read_bio:no start line
at Object.createSecureContext (_tls_common.js:104:17)
at Server (_tls_wrap.js:805:25)
at new Server (https.js:54:14)
at Object.createServer (https.js:76:10)
at Object.<anonymous> (E:\forge_case\node-v8.11.4-win-x64\index.js:33:7)
at Module._compile (module.js:652:30)
at Object.Module._extensions..js (module.js:663:10)
at Module.load (module.js:565:32)
at tryModuleLoad (module.js:505:12)
at Function.Module._load (module.js:497:3)
有什么想法吗?谢谢!
var pem_pkey = pki.privateKeyToPem(keys.privateKey);