我试图在Node JS中下载目标主机的证书但没有成功。
我在文档中看到我可以通过socket.getPeerCertificate方法将其作为缓冲区获取: https://nodejs.org/dist/latest-v6.x/docs/api/tls.html#tls_tlssocket_getpeercertificate_detailed
我在以下方面尝试使用Node.JS v8.5.0:
var https = require('https');
var opt = options || {};
opt.requestCert = true;
var req = https.request(opt, function(resp) {
var cert = resp.connection.getPeerCertificate(true);
console.log(JSON.stringify(cert, null, 10));
});
req.on('socket', function(socket) {
socket.on('secureConnect', function() {
console.log(JSON.stringify(socket.getPeerCertificate(true), null, 10));
})
});
return req;
问题:没有包含 raw 属性的结果,这就是我得到的(例如FB):
{
"subject": {
"C": "US",
"ST": "California",
"L": "Menlo Park",
"O": "Facebook, Inc.",
"CN": "*.facebook.com"
},
"issuer": {
"C": "US",
"O": "DigiCert Inc",
"OU": "www.digicert.com",
"CN": "DigiCert SHA2 High Assurance Server CA"
},
"subjectaltname": "DNS:*.facebook.com, DNS:*.facebook.net, DNS:*.fb.com, DNS:*.fbcdn.net, DNS:*.fbsbx.com, DNS:*.m.facebook.com, DNS:*.messenger.com, DNS:*.xx.fbcdn.net, DNS:*.xy.fbcdn.net, DNS:*.xz.fbcdn.net, DNS:facebook.com, DNS:fb.com, DNS:messenger.com",
"valid_from": "Dec 9 00:00:00 2016 GMT",
"valid_to": "Jan 25 12:00:00 2018 GMT",
"fingerprint": "93:6F:91:2B:AF:AD:21:6F:A5:15:25:6E:57:2C:DC:35:A1:45:1A:A5",
"ext_key_usage": [
"1.3.6.1.5.5.7.3.1",
"1.3.6.1.5.5.7.3.2"
]
}
我需要整个证书,遗憾的是指纹还不够。
我在这里缺少什么?