28

I use simple example from these link:

a link[a How to create an HTTPS server in Node.js?]

a link[a How to create an https server? docs.nodejitsu.com]

but I get error like

curl: (35) Unknown SSL protocol error in connection to localhost:-9838

why?

Improve this question

2 Answers 2

Reset to default
81

I use the wrong way to create certificate.

This one is wrong:

openssl genrsa -out key.pem
openssl req -new -key key.pem -out csr.pem
openssl x509 -req -days 9999 -in csr.pem -signkey key.pem -out cert.pem

This is the way to create certificate that could use:

openssl genrsa -out client-key.pem 2048
openssl req -new -key client-key.pem -out client.csr
openssl x509 -req -in client.csr -signkey client-key.pem -out client-cert.pem
Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

Superb! I was searching for this. But why that is the wrong way? It would be great if you can explain
I am a rookie so I do not know the answer :)
The important difference for me was the 2048 on the genrsa command - without it, the default key was a weak 512 bits. The only reference for that error code that I can find is Apple source code where it's a errSSLPeerInternalError (but only one away from a errSSLPeerInsufficientSecurity).
@YanLi you rock! I've spent one whole night working with the wrong way and troubleshooting my mac, chrome and god know all sorts of issues. Tried your way and it works! Thank you!
The -days 9999 parameter works with the second method too
|
0

This is a faster way to do the same:

$ openssl req -new -newkey rsa:4096 -days 9999 -nodes -x509 \
  -subj "/C=US/O=Example Inc./CN=example.com" \
  -keyout key.pem -out cert.pem
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.