节点soap ClientSSLSecurityPFX - 403禁止

时间:2018-05-17 06:04:52

标签: node.js soap-client http-status-code-403 pfx node-soap

我尝试使用node-soap连接到SOAP服务但获取403 - Forbidden

我有一个pfx文件和一个密码,我正在尝试:

var pfx = fs.readFileSync(path.join(__dirname, 'folder', 'my.pfx')); // pfx file is in the relative path './folder/my.pfx'
var password = 'mypassword';
var options = {
  strictSSL: true,
  rejectUnauthorized: false,
  hostname: myUrl,
  forever: true
};
var security = new soap.ClientSSLSecurityPFX(pfx, password, options);
var url = 'https://theservice.com/ApplicationService.svc?singleWsdl';
soap.createClient(url, function (err, client) {
  console.log(err);
  console.log(client);
  client.setSecurity(security);
});

但我得到了403:

[Error: Invalid WSDL URL: https://theservice.com/ApplicationService.svc?singleWsdl

 Code: 403

 Response Body: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>403 - Forbidden: Access is denied.</title>...

    client.setSecurity(security);
          ^    
TypeError: Cannot read property 'setSecurity' of undefined

我可以通过将pfx安装到MacOS Keychain来通过浏览器访问该服务。所以URL,pfx,密码等应该没问题。

关于什么可能是问题以及如何调试的任何想法?谢谢!

2 个答案:

答案 0 :(得分:1)

我设法通过将pfx和密码设置为options.wsdl_options来连接:

  var options = {
    wsdl_options: {
      forever: true,
      rejectUnauthorized: false,
      strictSSL: false,
      pfx: fs.readFileSync(__dirname + '/folder/my.pfx'),
      passphrase: 'myPass'
    }
  };
  soap.createClient(myUrl, options, function (err, client) {
    console.log(err);
    console.log(client);
  });

通过这种方式,他们最终得到HTTP选项并启用与客户端证书的连接。

答案 1 :(得分:0)

就我而言,除了@mooses的答案外,我还必须这样做,这也许会帮助某人(使用他们的示例):

  var options = {
    wsdl_options: {
      forever: true,
      rejectUnauthorized: false,
      strictSSL: false,
      pfx: fs.readFileSync(__dirname + '/folder/my.pfx'),
      passphrase: 'myPass'
    }
  };
  soap.createClient(myUrl, options, function (err, client) {
    client.setSecurity(new soap.ClientSSLSecurityPFX(pfx, pfxPass)); // <-----
    console.log(err);
    console.log(client);
  });