我在应用程序中使用iojs和koa,最近我决定将iojs更新为nodejs v4.4.4。更新非常顺利,我的应用程序立即运行。问题是我在开发机器上使用了自签名SSL证书,更新到nodejs后,当我尝试访问网站时收到以下消息:
该网站无法提供安全的连接
本地主机使用不受支持的协议。
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
The client and server don't support a common SSL protocol version or cipher suite. This is likely to be caused when the server needs RC4, which is no longer considered secure.
I am using nvm so I tried switching to iojs and the website was working again.
After some reading I found out that I have to update the openssl to version 1.0.2g instead of the 1.0.1g that I used to create the .key and .crt files. So I updated openssl and generated new key and certificate files like this:
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
Sadly this did not resolve the issue.
This is the code that I use to setup the https on the server:
let sslOptions = {
key: fs.readFileSync('/etc/apache2/ssl/apache.key'),
cert: fs.readFileSync('/etc/apache2/ssl/apache.crt')
};
let server = require('https').createServer(sslOptions, app.callback())
Am I doing something wrong? Why does it work with iojs and does not work with nodejs?
感谢您的回答!
正如我所怀疑的那样,问题出在与openssl无关的东西上。
在我的应用程序中,我有一个
config.js带有应用程序配置的文件。在其中,我正在读取证书文件,并将其添加到javascript对象中。问题是,我正在使用该
lodash模块合并2个javascript对象(其中一个包含证书文件)。我使用的是
lodash模块的旧版本,看来它使用Buffer来合并文件。该Buffer版本中的Buffer实现与新Node.js版本中的实现不匹配。这导致证书文件的错误合并,并导致ERR_SSL_VERSION_OR_CIPHER_MISMATCH错误消息。长话短说,将
lodash模块更新到最新版本后,证书开始按预期工作。