Node.js 如何在NodeJS中使用HTTPS获取?
我有一段非常棒的java代码(不是我自己写的),我需要将其翻译成与NodeJS等效的代码。它需要应用正确的SSL证书并进行https调用。我有两个带有相应密码的证书:Node.js 如何在NodeJS中使用HTTPS获取?,node.js,ssl,https,fetch-api,public-key-encryption,Node.js,Ssl,Https,Fetch Api,Public Key Encryption,我有一段非常棒的java代码(不是我自己写的),我需要将其翻译成与NodeJS等效的代码。它需要应用正确的SSL证书并进行https调用。我有两个带有相应密码的证书: 我的密钥库 my_truststore.jks java代码运行良好,基本上做到了: SSLContext sslcontext = SSLContexts.custom().useProtocol("TLS") .loadKeyMaterial(getKeyStore(), getKeySto
- 我的密钥库
- my_truststore.jks
SSLContext sslcontext = SSLContexts.custom().useProtocol("TLS")
.loadKeyMaterial(getKeyStore(), getKeyStorePwd())
.loadTrustMaterial(getTrustStore(), null).build();
SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslcontext);
CloseableHttpClient httpClient = HttpClients.custom().setSSLSocketFactory(sslSocketFactory).build();
this.setHttpClient(httpClient);
其中getKeyStore/getTrustStore方法如下(为了简洁起见删除了一些代码):
我尝试在Node中执行以下操作:
const https = require('https');
const fs = require('fs');
const jks = require('jks-js');
const keystore = jks.toPem(
fs.readFileSync('./src/resources/keystore/my_truststore.jks'),
'TruststorePassword'
);
const {ca} = keystore['firstca'];
console.log(ca);
// prints
// -----BEGIN CERTIFICATE-----
// MIIDrzCCApe... etc.
const options = {
pfx: fs.readFileSync('./src/resources/keystore/my_keystore.p12'),
passphrase: 'KeystorePassword',
ca: ca,
};
const sslConfiguredAgent = new https.Agent(options);
let url = 'https://the.service';
let body = {a:'aaa', b:'bbb'};
const response = await fetch(url, {
method: 'POST',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json'
},
agent: sslConfiguredAgent,
body: JSON.stringify(body)
});
这不起作用,我得到以下错误:
FetchError: request to https://the.service failed, reason: write EPROTO 4559838656:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1536:SSL alert number 40
因为我得到了一个适当的ca
日志,所以我假设一个日志是可以的。由于如果将KeystorePassword更改为错误值,则验证失败,因此我假设在上面的代码中正确读取了我的_密钥库。我还假设我的_keystore.p12同时包含私钥和证书,尽管我无法查看其中的内容
那么,我错过了什么
FetchError: request to https://the.service failed, reason: write EPROTO 4559838656:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1536:SSL alert number 40