Search code examples
node.jssslopensslkoaiojs

Self signed SSL does not work after upgrading from iojs to nodejs v4.4.4

I was using iojs and koa in my application and recently I decided to update iojs to nodejs v4.4.4. The update was very smooth and my application was running in no time. The problem is that I am using a self signed SSL certificate on my development machine, and after I updated to nodejs I receive the following message when I try to access the website:

This site can’t provide a secure connection

localhost uses an unsupported protocol.

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

The client and server don't support a common SSL protocol version or cipher suite. This is likely to be caused when the server needs RC4, which is no longer considered secure.

I am using nvm so I tried switching to iojs and the website was working again.

After some reading I found out that I have to update the openssl to version 1.0.2g instead of the 1.0.1g that I used to create the .key and .crt files. So I updated openssl and generated new key and certificate files like this:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt

Sadly this did not resolve the issue.

This is the code that I use to setup the https on the server:

let sslOptions = {
            key: fs.readFileSync('/etc/apache2/ssl/apache.key'),
            cert: fs.readFileSync('/etc/apache2/ssl/apache.crt')
                 };

let server = require('https').createServer(sslOptions, app.callback())

Am I doing something wrong? Why does it work with iojs and does not work with nodejs?

Solution

  • Thank you for the answers!

    As I suspected, the problem were with something unrelated to openssl.

    In my application I have a config.js file with the app configuration. Inside of it I am reading the certificate files and adding them to a javascript object.

    The problem was, that I am using the lodash module to merge 2 javascript objects (one of which contained the certificate files).

    I was using an older version of the lodash module and it appears that it used a Buffer to merge the files. The Buffer implementation in that version did not match the Buffer implementation in the new Node.js version. This led to incorrect merge of the certificate files and resulted in the ERR_SSL_VERSION_OR_CIPHER_MISMATCH error message.

    Long story short, after updating the lodash module to the latest version, the certificate began to work as intended.