HTTP 400:ADFS HTTPS请求中的错误请求错误

时间:2013-05-23 07:14:16

标签: node.js ssl https adfs

我正在编写 Node.js 应用程序,并尝试集成ADFS服务器以获取身份验证。为此,我使用wstrust-client,并使用ADFS服务器URL作为我的端点。到目前为止我的代码是:

app.get('/login', function(req, res) {
    trustClient.requestSecurityToken({
        scope: 'https://mycompany.com',
        username: "username",
        password: "password",
        endpoint: 'https://[adfs server]/adfs/services/trust/13/usernamemixed'
    }, function (rstr) {
         // Access the token
        var rawToken = rstr.token;
        console.log('raw: ' + rawToken);
    }, function(error) {
        console.log(error)
    }); 
});    

我通过wstrust-client

请求 https

到目前为止,wstrustclient.js中的代码是:

var req = https.request(post_options, function(res) {
    res.setEncoding('utf8');
    res.on('data', function(data) {
        console.log("Entered res")

        var rstr = {
            token: parseRstr(data),
            response: res,
        };

        callback(rstr);
    }); 
});

req.write(message);
req.end();
req.on('error', function (e) { 
console.log("******************************");
console.log(e);
console.log("******************************");

然而,它抛出了这个错误:

******************************
{ [Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE]
    stack: 'Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE\n   
    at SecurePair.<anonymous> (tls.js:1253:32)\n    
    at SecurePair.EventEmitter.emit (events.js:91:17)\n    
    at SecurePair.maybeInitFinished (tls.js:865:10)\n    
    at CleartextStream.read [as _read] (tls.js:416:15)\n  
    at CleartextStream.Readable.read (_stream_readable.js:231:10)\n  
    at EncryptedStream.write [as _write] (tls.js:329:25)\n  
    at EncryptedStream.Writable.write (_stream_writable.js:176:8)\n  
    at write (_stream_readable.js:496:24)\n 
    at flow (_stream_readable.js:506:7)\n    
    at Socket.pipeOnReadable (_stream_readable.js:538:5)' }
    ******************************
    ******************************
    { [Error: read ECONNRESET]
        stack: 'Error: read ECONNRESET\n   
        at errnoException (net.js:846:11)\n  
        at TCP.onread (net.js:508:19)',
        code: 'ECONNRESET',
        errno: 'ECONNRESET',
        syscall: 'read' }
    ******************************

当我在浏览器中浏览相同的端点URL时,它会抛出HTTP 400: Bad Request

我知道这是一个SSL类型错误,它来自服务器端。但是,我不知道为什么它会抛出错误以及服务器端可能出现的问题。我需要改变什么?

1 个答案:

答案 0 :(得分:4)

根据OpenSSL手册here

  

21 X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:无法验证   第一个证书没有签名可以验证,因为链   只包含一个证书,而且不是自签名的。

考虑到这一点,您可能需要签署证书。