Comodo SSL证书包安装Node.js/Express
我刚从Comodo购买了一个域SSL证书,并收到了以下文件:Comodo SSL证书包安装Node.js/Express,node.js,express,ssl-certificate,Node.js,Express,Ssl Certificate,我刚从Comodo购买了一个域SSL证书,并收到了以下文件: example.com.ca捆绑包 -----BEGIN CERTIFICATE----- MIIGCDCCA/CgAwIBAgIQKy5u6tl1NmwUim7bo3yMBzANBgkqhkiG9w0BAQwFADCB hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G lBlGGSW4gNfL1IYoakRwJiNiqZ+Gb7+6kHDSVneFeO/
example.com.ca捆绑包
-----BEGIN CERTIFICATE-----
MIIGCDCCA/CgAwIBAgIQKy5u6tl1NmwUim7bo3yMBzANBgkqhkiG9w0BAQwFADCB
hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
lBlGGSW4gNfL1IYoakRwJiNiqZ+Gb7+6kHDSVneFeO/qJakXzlByjAA6quPbYzSf
+AZdAeKCIN2+b72z...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgIQJ2buVutJ846r13Ci/ITeIjANBgkqhkiG9w0BAQwFADBv
MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk
PUsE2JSDAD3FQdso8VYFhH2+9uRv0V9dlfmrPb2LjkQLPNlzmuhbsdjrzcd3h5vR
pu/xOD8QOG3...
-----END CERTIFICATE-----
example.com.crt
-----BEGIN CERTIFICATE-----
MIIGVDCCBTygAwIBAgIQDDhlxcL1PyJpGAoMWLNvwTANBgkqhkiG9w0BAQsFADCB
wCypSjy5b3WKSdYByYwPZqKWKiqT/g3uLwD4fhWvqTQxmR9diXL1SAdZIwht47VU
7FytWidOUmY/lxVrlFDCePkWLkyAY0AN0VsocqB/16xq9LqN8FwWQg==...
-----END CERTIFICATE-----
index.js
const privateKey = fs.readFileSync('sslcert/server.key', 'utf8');
const certificate = fs.readFileSync('sslcert/server.crt', 'utf8');
const credentials = {
key: privateKey,
cert: certificate,
};
const httpsServer = https.createServer(credentials, app);
example.com.ca bundle
包含两个证书。它们是什么?我应该使用哪一个作为server.key
?由于您没有提供完整的证书,我们无法确定捆绑包中包含哪些内容。但按照良好实践,这是CA的中间证书或根证书(如果特定CA不使用中间证书)。其思想是服务器(应用程序)需要特定CA链中的所有证书(从根证书开始)。我指的是链中的所有证书
server.crt
-----BEGIN CERTIFICATE-----
MIIGVDCCBTygAwIBAgIQDDhlxcL1PyJpGAoMWLNvwTANBgkqhkiG9w0BAQsFADCB
wCypSjy5b3WKSdYByYwPZqKWKiqT/g3uLwD4fhWvqTQxmR9diXL1SAdZIwht47VU
7FytWidOUmY/lxVrlFDCePkWLkyAY0AN0VsocqB/16xq9LqN8FwWQg==...
-----END CERTIFICATE-----
server.key
是创建证书请求时生成的私钥。你留着吗
server.crt
和server.key
可以是任意文件名,只要它们遵循文件系统规则、存在、包含正确的信息并且在配置文件中有描述
example.com.ca bundle
应用作server.crt
-----BEGIN CERTIFICATE-----
MIIGVDCCBTygAwIBAgIQDDhlxcL1PyJpGAoMWLNvwTANBgkqhkiG9w0BAQsFADCB
wCypSjy5b3WKSdYByYwPZqKWKiqT/g3uLwD4fhWvqTQxmR9diXL1SAdZIwht47VU
7FytWidOUmY/lxVrlFDCePkWLkyAY0AN0VsocqB/16xq9LqN8FwWQg==...
-----END CERTIFICATE-----
您生成的私钥应该用作服务器。密钥对不起,我对这个完全陌生。什么是CA?@ChrisRich CA=证书颁发机构。在您的情况下,在购买证书之前,我在本地主机上创建了一个私钥和一个.csr文件(证书签名请求)。那么我从科摩多收到的文件是用来做什么的呢?