I've got a client-side cert secured REST endpoint which works when I hit it via curl using a known cert in Linux-land... That is to say, if I console.log(req.connection.getPeerCertificate()), I see a bunch of stuff. Cool.
... however, when one of my teammates tries to hit the same endpoint from a Windows machine, req.connection.getPeerCertificate() is an empty object, even though they think they're attaching the cert correctly.
What's the best way to tell if they are, indeed, attaching the cert correctly? How should I go about debugging this?
The docs say:
If the peer does not provide a certificate, [getPeerCertificate] returns null or an empty object.
So you already know that the Windows client is not sending a valid certificate because getPeerCertificate() returns an empty object. Check the authorizationError property for additional information about any client certificate errors that may have occurred.
Debug this by finding out why the client isn't sending a certificate. Are you setting requestCert: true in your server options? Is the client properly configured? Is it sending a certificate that can be validated?
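One way to run the checks from the answer on the server side, as an added example that is not part of the original question or answer: it separates "server never asked", "client sent nothing" and "client sent a certificate that failed validation". The function names, PEM file names, port 8443, the TLS_DEBUG_SERVE switch and the sample sockets are assumptions made for illustration.

```javascript
// Added example. Names, file paths and the port are illustrative assumptions.
// Classify what the server saw; `socket` is the tls.TLSSocket behind the request.
function diagnoseClientCert(socket, serverOptions) {
  if (!serverOptions.requestCert) {
    // Without requestCert the server never asks, so the result is always empty.
    return { status: 'not-requested' };
  }
  const cert = socket.getPeerCertificate();
  if (!cert || Object.keys(cert).length === 0) {
    return { status: 'no-certificate', reason: socket.authorizationError || null };
  }
  const seen = { subject: cert.subject, issuer: cert.issuer, valid_to: cert.valid_to };
  if (!socket.authorized) {
    // A certificate arrived but did not validate against the configured CA.
    return { status: 'rejected', reason: socket.authorizationError, cert: seen };
  }
  return { status: 'authorized', cert: seen };
}

// Constructed stand-ins for TLSSocket, so the classifier can be exercised offline.
const fakeSocket = (cert, authorized, authorizationError) =>
  ({ getPeerCertificate: () => cert, authorized, authorizationError });
const sampleCert = { subject: { CN: 'teammate' }, issuer: { CN: 'Example Client CA' },
                     valid_to: 'Jan  1 00:00:00 2030 GMT' };
const SAMPLES = {
  empty: fakeSocket({}, false, undefined),
  untrusted: fakeSocket(sampleCert, false, 'UNABLE_TO_VERIFY_LEAF_SIGNATURE'),
  ok: fakeSocket(sampleCert, true, null),
};

function startServer() {
  const fs = require('node:fs');
  const https = require('node:https');
  const options = {
    key: fs.readFileSync('server-key.pem'),   // placeholder file names
    cert: fs.readFileSync('server-cert.pem'),
    ca: fs.readFileSync('client-ca.pem'),     // CA that issued the client certs
    requestCert: true,
    // Debugging aid: complete the handshake; the handler enforces the 403 itself.
    rejectUnauthorized: false,
  };
  https.createServer(options, (req, res) => {
    const result = diagnoseClientCert(req.socket, options);
    console.log(req.socket.remoteAddress, JSON.stringify(result));
    res.writeHead(result.status === 'authorized' ? 200 : 403);
    res.end(JSON.stringify(result) + '\n');
  }).listen(8443);
}
if (process.env.TLS_DEBUG_SERVE === '1') startServer();
```

With the PEM files in place, starting it with TLS_DEBUG_SERVE=1 and having each client hit the endpoint logs one classification per request, so the Linux and Windows results can be compared directly.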