Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tls ca: option doesn't support the same formats as openssl -CAfile #24761

Closed
sam-github opened this issue Nov 30, 2018 · 0 comments
Closed

tls ca: option doesn't support the same formats as openssl -CAfile #24761

sam-github opened this issue Nov 30, 2018 · 0 comments
Labels
confirmed-bug Issues with confirmed bugs. tls Issues and PRs related to the tls subsystem.

Comments

@sam-github
Copy link
Contributor

  • Version: all
  • Platform: all
  • Subsystem: tls

OpenSSL supports "BEGIN TRUSTED CERTIFICATE", whereas Node.js silently ignores them. When people fail to authenticate with a ca: file, they often try with other tools (openssl s_client -CAfile ..., curl -cacert ..., ...) to confirm where the CAs are valid. They find they are, but that they don't work with Node.js. Ouch.

Fixed in #24733

@sam-github sam-github added tls Issues and PRs related to the tls subsystem. confirmed-bug Issues with confirmed bugs. labels Nov 30, 2018
sam-github added a commit to sam-github/node that referenced this issue Dec 11, 2018
Support the same PEM certificate formats for the ca: option to
tls.createSecureContext() that are supported by openssl when loading a
CAfile.

Fixes: nodejs#24761
BethGriggs pushed a commit that referenced this issue Dec 17, 2018
Support the same PEM certificate formats for the ca: option to
tls.createSecureContext() that are supported by openssl when loading a
CAfile.

Fixes: #24761

PR-URL: #24733
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
refack pushed a commit to refack/node that referenced this issue Jan 14, 2019
Support the same PEM certificate formats for the ca: option to
tls.createSecureContext() that are supported by openssl when loading a
CAfile.

Fixes: nodejs#24761

PR-URL: nodejs#24733
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
sam-github added a commit to sam-github/node that referenced this issue Apr 29, 2019
Support the same PEM certificate formats for the ca: option to
tls.createSecureContext() that are supported by openssl when loading a
CAfile.

Fixes: nodejs#24761

PR-URL: nodejs#24733
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
confirmed-bug Issues with confirmed bugs. tls Issues and PRs related to the tls subsystem.
Projects
None yet
Development

No branches or pull requests

1 participant