Power up with new SaaS Add-Ons from the DigitalOcean Marketplace

Related

My website is unresponsive! What do I do?
Question
Anybody who has set up Postfix/Dovecot with TLS?
Question

Question

HTTPS error (SSL_ERROR_NO_CYPHER_OVERLAP) - no common encryption algorithm(s)

I have seen other similar questions but non addresses my problem. I have generated my TLS (openSSL) Self-Signed certificate, but seems not working on my NodeJS server.

Instructions to generate SSL

openssl req -newkey rsa:2048 -keyout key.pem -x509 -days 365 -out certificate.pem

openssl x509 -text -noout -in certificate.pem

openssl pkcs12 -inkey key.pem -in certificate.pem -export -out certificate.p12

openssl pkcs12 -in certificate.p12 -noout -info  // verify certificate

So at the end I have .p12 also known as PFX type certificate. Below is my Node.js code:

    // ------- Start HTTPS configuration ----------------

const options = {

    pfs: fs.readFileSync('./server/security-certificate/certificate.p12'),     
    passphrase: 'secrete2'
};
https.createServer(options, app).listen(8443);

    // -------- End HTTPS configuration -----------------

    // Also listen for HTTP 
var port = 8000;
app.listen(port, function(){
    console.log('running at localhost: '+port);
});

Here is the output when I run curl command, the HTTP request is served correctly, only HTTPS has problem:

Output when tested on same machine

Moreover, if I do this:

export CURL_CA_BUNDLE=/var/www/html/node_app/server/security-certificate/cert.p12

Then I get following error: curl: (77) Problem with the SSL CA cert (path? access rights?)

If I try to access in browser with HTTPS and port, browser says it could not load the page.

Reference links I followed: Node.js HTTPS:

https://nodejs.org/dist/latest-v8.x/docs/api/https.html#https_https_createserver_options_requestlistener

I’m using AWS RedHat Linux

Subscribe
Share
Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Ryan QuinnMay 7, 2018

I haven’t personally tried to set up SSL with Node.js directly but I can recommend an alternate configuration that should both improve performance through caching if you enable it as well as making the SSL problem easy to solve.

If you set up your Node.js application to use Nginx in front of it as a reverse proxy you’ll be able to:

  • Use Nginx’s caching options to reduce the load on Node.js
  • Use LetsEncrypt (tutorial here) to create a free trusted SSL certificate for Nginx
  • Log access to your Node.js app in the standard Nginx format and (if helpful) use tools like fail2ban to prevent abuse.

This guide covers setting up this stack (Node.js/PM2/Nginx).

App Platform: Run Node apps without managing serversProduct

With App Platform, you can:

  • Build, deploy, and scale apps and static sites by simply pointing to your GitHub repository
  • Let us manage the infrastructure, app runtimes, and other dependencies
  • Get started by building and deploying three static sites for free

Related

My website is unresponsive! What do I do?
Question
Anybody who has set up Postfix/Dovecot with TLS?
Question
App Platform: Run Node apps without managing serversProduct

With App Platform, you can:

  • Build, deploy, and scale apps and static sites by simply pointing to your GitHub repository
  • Let us manage the infrastructure, app runtimes, and other dependencies
  • Get started by building and deploying three static sites for free