I'm making a call to an API that requires both a HTTPS Basic Authentication and certification.
The cert has a passphrase. This is my config variable:
const cert = fs.readFileSync('path.pem');
const config = {
method: 'POST',
cert: cert,
passphrase: '...',
auth: 'user:pwd',
headers: {
'Content-Type': 'application/xml'
}
}
When calling the http.request(url, config, callback), I keep on getting this error thrown (on the 'error' event of the http.request object):
"errorMessage": "Error: Error: Error: write EPROTO 140627217733568:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../deps/openssl/openssl/ssl/record/rec_layer_s3.c:1545:SSL alert number 40\n"
I've tried await-ing the read of the .pem file as well. Same thing.
I just need to know that I'm inserting all my authentication correctly. Then I can know that that's not the issue.
Am I putting my HTTPS Basic Authentication and certification with passphrase in correctly?
Tried making secure call to API, expected normal result, got SSL handshake error.
Putting the certificate in the cert field is not enough for a mutual TLS connection. You should have a pem file which also contains a private key. You should then add a key option to your config and pass the contents of the pem file that contains the private key. I think this should be enough, but there might be some other settings that you might have to tweak to make it work though.