I have a website "https://m.abc.com", when I tried to open this website then my website is working fine and I am able to see green lock on address bar, but when I try to open "https://m.abc.com:9090" (where my node server application is running) then I am getting one warning "your connection is not private.. attackers might be trying to steal your information from m.abc.com. NET::ERR_CERT_AUTHORITY_INVALID " with red warning sign on address bar. How can I get rid of this warning? And one more thing this is happening randomly on few android mobile only not on iPhone. And on Desktop site I am not getting any warning.
here is the sample code that is writtten in nodejs for https server:
var appPort = 9090;
var fs = require('fs');
var https = require('https');
var options = {
key: fs.readFileSync('/etc/httpd/sslcert/abc.key'),
cert: fs.readFileSync('/etc/httpd/sslcert/abc_com.crt')
};
server = https.createServer(options, app).listen(appPort, function() {
console.log('HTTPS Server listening at port %d', appPort);
});
Related
So the problem I'm having is that the client won't connect with the server.js when the server.js is using https.
if I go to "https://mydomainame.com" I get this error in the console of every other browser than brave browser
index.js:83 GET https://serverip:8081/socket.io/?EIO=3&transport=polling&t=NK0oCD6 net::ERR_CERT_AUTHORITY_INVALID
(The blacked out is the IP address of the server)
the weird thing is that in the brave browser the domain changes to "http://mydomainame.com" and the client then is connected to server.js
I'm using free Cloudflare with Full end to end encryption
server.js code:
var express = require('express'),
https = require('https');
var app = express();
var fs = require('fs');
var httpsOptions = {
key: fs.readFileSync('/var/www/ssl/sitename.com.key'),
cert: fs.readFileSync('/var/www/ssl/sitename.com.pem')};
var server = https.createServer(httpsOptions,app);
var io = require('socket.io').listen(server);
const port = 8081;
server.listen(port);
And client.js connection code:
socket = io.connect('https://serverip:8081', {secure: true});
I am using the same Origin Certificates for the server and for the nodejs code.
The server is using Apache2 with PHPMyAdmin and is configured to make the domain only work using https.
I read somewhere something Cloudflare not being able to use other ports than 443 and some other but I did not really understand it, And I can't get the server.js to work over port 443.
I'm thankful for any information or help I can get! :)
So I figured it out, big thanks to Eric Wong for pointing out the biggest problem that I was trying to connect to the server using its IP there for not going thru Cloudflare.
Then in this article Identifying network ports compatible with Cloudflare's proxy
you can see what ports Cloudflare allows connections on then, I changed my code to used the https port 8443.
socket = io.connect('https://domainname.com:8443',{secure: true});
then the only thing I had to do was to port forward the new port and everything worked fine!
My expressjs+Socket.io server runs on a Raspberry Pi. When trying to connect to the express, there is a http+https incompatibility that Firebase doesn't seem to like. Tells me to use Https instead. When using Https, I get Certificate errors. So I went and bought myself a brand new SSL certificate from my domain provider and... on my local machine, where I accidentally installed the certificate, everything works fine, but on my laptop or mobile, when I go to the website, it says "(net::ERR_CERT_COMMON_NAME_INVALID)". I am not sure what to do, since many resources online cover only how to bypass this problem on their machine, without fixing the problem for everyone.
Server.js
var app = require("express")();
var https = require("https");
var fs = require("fs");
var server = https.createServer(
{
key: fs.readFileSync('./sslkey.key'),
cert: fs.readFileSync('./sslcert.crt'),
ca: fs.readFileSync('./sslca.ca-bundle'),
},
app
);
var io = require("socket.io")(server);
io.on("connection", function(socket) {
console.log("User connected");
})
server.listen(4444, function() {
console.log("listening on *:4444");
});
I also use Socket.io with Angular and I couldn't find a way to disable "rejectUnauthorized", as many suggested to skip the SSL check.
Any help?
I have a certificate bought from godaddy and it needs to be installed in our nodejs server.I have the below code written. This was working earlier but we recently renewed the certificate and replaced the old certificates with the renewed certificate and certificate private key file in the specified folder. But the certificate information is not getting reflected in the website. The expiry date for old certificate was june-20,2018.Will it not reflect till the old one gets expired?
var options = {
key: fs.readFileSync('certificate/mssp.tcs.com.key'),
cert: fs.readFileSync('certificate/mssp.tcs.com.crt'),
ca: [fs.readFileSync('certificate/mssp.tcs.comi.crt')]
};
var server = app.listen(8001, function () {
console.log('%s listening at %s', server.name, server.url);
console.log("server Started");
});
https.createServer(options,app).listen('443 ');
The way you are importing the certificate and key is correct. So I think your issue is probably caused by pointing to the old files or existing process using old certificates. In this situation I suggest:
Double check certificate/mssp.tcs.com.* files to ensure all of them are really pointing to the renewed files. Sometimes we have symbolic links to restricted folders and a simple copy might fail without correct privileges.
Once you ensure that new files are in place. Make sure you kill the older process that might be running. You can achieve that by a ps -ef | grep node on linux servers and then kill it by PID. Just be careful to stop the correct application. Once you stop the old process, you should get a 'Not Found' if you access your web application through a browser.
Ensuring you have new files in place and that old process is not running anymore, start your node process. Your certificates should be updated :)
Finally, I would also suggest you to review the server which is running on port 8001 without https. Just make sure you need that or remove it. A simple code to run HTTPS can be like that:
'use strict';
var express = require('express'),
fs = require('fs'),
https = require('https');
var httpPort = 443;
var app = express();
var options = {
key: fs.readFileSync('privkey.pem'),
cert: fs.readFileSync('cert.pem')
};
app.set('port', httpPort);
app.use(express.static(path.join(__dirname, '/public')));
https.createServer(options, app).listen(httpPort, function(){
console.log('Listening at ' + httpPort);
});
I'm having trouble connecting my chat application to Node.js server running on Ubuntu 16.04. The problem seems to be the ssl certificate which have been generated using 'letsencrypt'.
I have successfully connected to my Node.js server using a openssl certificate - this however only works in my Chrome browser.
Here is my code for the Node.js part.:
let fs = require('fs');
let https = require('https');
var options = {
key: fs.readFileSync('./file.pem'),
cert: fs.readFileSync('./file.crt')
};
let server = https.createServer(options);
let io = require('socket.io')(server);
let Redis = require('ioredis');
let redis = new Redis();
redis.subscribe('all-chat');
redis.on('message', function (channel, message) {
message = JSON.parse(message);
io.emit(channel + ':' + message.event, message.data);
});
server.listen(3201);
The error code I'm getting from my browser is.:
net::ERR_INSECURE_RESPONSE
My guess is that for some odd reason the certificates I have obtained is not following a standard of some sorts, so the browser discards the response.
For what I can gather around the web about this problem - the solution should be using a certificate from 'letsencrypt' and/or multiple variations of.:
var options = { ... };
And I do believe I have tried every possible combination.
If I open my website in two windows, one in Edge and one in Chrome, I can succesfully send a message from Edge to Chrome - the message will however not be shown in Edge as it should.
Thanks in advance for any detail that may put me back on track!
The answer was rather simple. To be sure you can use your certificate you can use the diagnostic tool found on https://www.digicert.com/help/.
For the connection from client to my Node.js end I stated the IP on the client side - and that will not do when using a certificate which have been created with the public domain. So I changed the IP on the client side from the IP to the public domain and it worked!
I've been playing around with the Cloud9 IDE and am having a great time with it. However, I'm trying to setup a simple https server with node js and I can't seem to get it to work. When I run the page, Cloud9 says 'Running Node Process' but when I visit the url that the server is supposed to respond to: https://workspace.user.c9.io the page says
Service Temporarily Unavailable
The server you are trying to contact is down either because it was stopped or is unable to service your request due to maintenance downtime or capacity problems. Please try again later.
node-web-proxy/0.4 Server at project-livec9f70a01ca28.rhcloud.com Port 8000
I created a test certificate with OPENSSL and am using the following code to set up my server. I can confirm that the OPENSSL certificate was built correctly.
var https = require("https");
var fs = require("fs");
var url = require("url");
var options = {
key: fs.readFileSync('certs/cert.pem'),
cert: fs.readFileSync('certs/cert.pem')
};
// create a server
https.createServer(options, function(req, res) {
console.log("This works!");
res.writeHead(200);
res.end("Hello world from Cloud9! Url:"+req.url);
}).listen(process.env.PORT);
Thank you for your help!
you need .listen(process.env.PORT,process.env.IP);
It should say that when you start a program.