使用浏览器应用程序中的自签名证书连接到安全的Socket.io连接时出错 [英] Error when connecting to a secure Socket.io connection using self signed certificate from a browser app

问题描述

Socket.io客户端API文档建议客户端应将连接请求中的自签名证书传递给服务器：

  //客户端-side 
 const socket = io（{ca：fs.readFileSync（'server-cert.pem'），rejectUnauthorized：false}）; 
  

这在节点环境中效果很好。

如何在节点环境中工作浏览器javascript应用程序？我面临两个问题：

1. 如何在浏览器应用程序中包含证书文件？ readfileSync找不到文件


2. 如果我仅在选项中包括rejectUnauthorized：false，则对节点运行良好，但在浏览器（Firefox，Chrome）中仍然无法运行
>

我已经尝试了所有方法，例如下面的方法，但是没有任何作用

  https。 globalAgent.options.rejectUnauthorized = false; 
 process.env.NODE_TLS_REJECT_UNAUTHORIZED =‘0’; 
  

我唯一获得正确签名证书的选择吗？

解决方案

不确定确切发生了什么，但是现在可以在Chrome中运行。总结一下，这就是我要做的事情：

创建自签名证书并信任它们
使用这些证书运行基于节点的socket.io服务器（下面的代码段）。确保您的证书适用于指定的 url

  const Io = require（ socket.io）; 
 const httpsServer = https.createServer（myCerts，expressApp）; 
 httpsServer.listen（port，``url''，（）=> console.log（`在HTTPS端口$ {port}上监听！））; 
 const io = new Io（httpsServer）; 
  

在节点客户端中，我可以将证书和连接请求一起传递

<$ p / p> //节点客户端
const io = require（ socket.io-client）;
const socket = io（{ca：fs.readFileSync（’server-cert.pem’），rejectUnauthorized：false}）;


在浏览器客户端中，只需要指定rejectUnauthorized：在选项中为false

  //浏览器客户端
 const io = require（ socket.io-client）; 
 const socket = io（{rejectUnauthorized：false}）; 
  

Socket.io client API documentation suggests that the client should pass the self signed certificate in the connection request to the server:

// client-side
const socket = io({ca: fs.readFileSync('server-cert.pem'),rejectUnauthorized: false});

This works great in a node environment.

How to make this work in a BROWSER javascript app? I am facing two issues:

1. How can I include the certificate file in the browser app? readfileSync cannot find the file
2. If I only include rejectUnauthorized: false in the options, it works fine for node, but still doesn't work in the browser (Firefox, Chrome)

I have tried everything, such as below but nothing is working

https.globalAgent.options.rejectUnauthorized = false;
process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';

Is my only option to get a properly signed certificate?

解决方案

Not sure exactly what happened, but it's working from Chrome now. To summarize, here's what I had to do:

Create self signed certificates and trust them Run the node based socket.io server using these certificates (code snippet below). Make sure your cert applies to the specified 'url'

const Io = require("socket.io");
const httpsServer = https.createServer(myCerts, expressApp);
httpsServer.listen(port, 'url', () => console.log(`listening on HTTPS port ${port}!`));
const io= new Io(httpsServer);

In the node client, I can pass the certificate along with the connection request

// node client
const io = require("socket.io-client");
const socket = io({ca: fs.readFileSync('server-cert.pem'),rejectUnauthorized: false});

In the browser client, only need to specify rejectUnauthorized: false in the options

// browser client
const io = require("socket.io-client");
const socket = io({rejectUnauthorized: false});

这篇关于使用浏览器应用程序中的自签名证书连接到安全的Socket.io连接时出错的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！