我对NodeJS还是很陌生,我正尝试通过GoDaddy证书将来自NodeJS(后端)的HTTPS请求直接实现到IISNode中托管的中间件api。我的视图(前端)有另一个存储库,并且通过浏览器对中间件api的所有调用都在使用GoDaddy证书。使用Axios进行的HTTP调用可以正常工作。从NodeJS后端使用HTTPS调用中间件api时,我得到:
Error: self signed certificate
at TLSSocket.onConnectSecure (_tls_wrap.js:1058:34)
at TLSSocket.emit (events.js:198:13)
at TLSSocket.EventEmitter.emit (domain.js:448:20)
at TLSSocket._finishInit (_tls_wrap.js:636:8)
真的很奇怪,前端回购通过浏览器没有问题地与中间件通信,但是NodeJS后端调用却没有。我尝试在后端使用Axios,但没有出现运气和证书错误。我切换到HTTPS,并且GET调用正常运行,但是POST调用给了我上面的错误。
我已经阅读了大量有关自签名证书的帖子和示例,但是我使用的是从GoDaddy生成的证书。这是我尝试过的一些代码片段:
Axios:
const SSLAgent = new https.Agent({
rejectUnauthorized: true,
passphrase: process.env.PASSPHRASE,
pfx: fs.readFileSync(path.join(__dirname, "../../") + process.env.PFX),
ca: fs.readFileSync(path.join(__dirname, "../../") + process.env.CRT_BUNDLE)
});
const fetchData = () => axios.get(`${process.env.MIDDLE_WARE_URL}/something`, {
headers: {
Authorization: `Bearer ${token}`
},
httpsAgent: SSLAgent
});
const uploadData = () => {
const form = new FormData();
form.append("data", fs.createReadStream(dataPath));
return axios.post(`${process.env.MIDDLE_WARE_URL}/data`, form, {
headers: {
...form.getHeaders(),
Authorization: `Bearer ${token}`
},
httpsAgent: SSLAgent
});
};
const fetchItemImage = (ItemID: number) => axios.get(`${process.env.MIDDLE_WARE_URL}/item/${ItemID}/image.png`, {
responseType: "arraybuffer",
headers: {Authorization: `Bearer ${token}`},
httpsAgent: new https.Agent({pfx: fs.readFileSync(path.join(__dirname, "../../") + process.env.PFX), passphrase: process.env.PASSPHRASE}), ca: fs.readFileSync(path.join(__dirname, "../../") + process.env.CRT_BUNDLE)
});
HTTPS:
const SSLAgent = {
rejectUnauthorized: true,
passphrase: process.env.PASSPHRASE,
pfx: fs.readFileSync(path.join(__dirname, "../../") + process.env.PFX),
ca: fs.readFileSync(path.join(__dirname, "../../") + process.env.CRT_BUNDLE)
};
const middleServer = express;
const middle = express.Router();
https.createServer(SSLAgent, middleServer).listen(443);
let data;
const dataOptions = {
headers: {
"Authorization": `Bearer ${token}`
}
};
const fetchData = () => middle.get("/data", (req, res) => {
console.log("The req is: ", req);
if (res.statusCode === 200) {
console.log("The Fetch Data Res: ", res);
data = res;
}
data = [];
});
const uploadStuff = () => {
const form = new FormData();
form.append("Stuff", fs.createReadStream(stuffPath));
const stuffOptions = {
headers: {
...form.getHeaders(),
"Authorization": `Bearer ${token}`
},
form
};
return middle.post("/stuff", (req, res) => {
req.params(stuffOptions);
res.on("data", () => {
console.log("The post response is: ", res);
});
res.on("error", (error) => {
console.log("The post error is: ", error);
});
});
};
此外,这是我的IIS web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="iisnode" path="iis.js" verb="*" modules="iisnode" />
<add name="iisnode-socketio" path="iis.js" verb="*" modules="iisnode" />
</handlers>
<rewrite>
<rules>
<rule name="my_middleware">
<match url="/*" />
<conditions>
<add input="{HTTPS}" pattern="off" ignoreCase="true" />
</conditions>
<action type="Redirect" redirectType="Found" url="https://{HTTPS_HOST}/{R:1}" />
</rule>
<!-- Don't interfere with requests for logs -->
<rule name="LogFile" patternSyntax="ECMAScript" stopProcessing="true">
<match url="^[a-zA-Z0-9_\-]+\.js\.logs\/\d+\.txt$" />
</rule>
<!-- Don't interfere with requests for node-inspector debugging -->
<rule name="NodeInspector" patternSyntax="ECMAScript" stopProcessing="true">
<match url="^app.js\/debug[\/]?" />
</rule>
<!-- First we consider whether the incoming URL matches a physical file in the /public folder -->
<rule name="StaticContent">
<action type="Rewrite" url="public{REQUEST_URI}" />
</rule>
<!-- All other URLs are mapped to the Node.js application entry point -->
<rule name="DynamicContent">
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="True" />
</conditions>
<action type="Rewrite" url="iis.js" logRewrittenUrl="true" />
</rule>
<rule name="SocketIO" patternSyntax="ECMAScript">
<match url="socket.io.+" />
<action type="Rewrite" url="iis.js" />
</rule>
</rules>
</rewrite>
<webSocket enabled="false" />
<iisnode debugHeaderEnabled="true" promoteServerVars="AUTH_USER,AUTH_TYPE,LOGON_USER" />
<security>
<authorization>
<remove users="*" roles="" verbs="" />
<add accessType="Allow" users="?" verbs="OPTIONS" />
<add accessType="Allow" users="*" roles="" />
</authorization>
<requestFiltering>
<requestLimits maxAllowedContentLength="4294967295" />
</requestFiltering>
</security>
<defaultDocument>
<files>
<add value="iis.js" />
</files>
</defaultDocument>
</system.webServer>
</configuration>