javascript - 为什么nodejs不能查询到这个https URL?
问题描述
我有一堆我必须调用的 Web 服务,都在https中,只有一个不工作,出现 SSL 错误
错误:写入 EPROTO 12632:错误:14094410:SSL 例程:ssl3_read_bytes:sslv3 警报握手失败:openssl\ssl\record\rec_layer_s3.c:1407:SSL 警报号 40
我正在使用节点版本 10.13.0。我试图强制协议
https.globalAgent.options.secureProtocol = "TLSv1_method"
没有运气。
我很确定我错过了一些明显的东西,但我必须承认我在这里有点迷失了:/
const https = require('https');
const url= "https://rec-www.calvados.fr";
const urlOptions= {};
const data= "";
const resolve= (o)=> {
console.log("resolve", o);
}
const reject= (o)=> {
console.log("reject", o);
}
const req= https.request(url, urlOptions, res => {
let body= "";
res.on("data", chunk => (body += chunk.toString()));
res.on("error", reject);
res.on("end", () => {
if(res.statusCode && res.statusCode >= 200 && res.statusCode <= 299) {
resolve({statusCode: res.statusCode, headers: res.headers, body});
} else {
reject("Request failed. status: " + res.statusCode + ", body: " + body);
}
});
});
req.on("error", reject);
req.write(data, "binary");
req.end();
用另一个 URL 更改 URL 以查看它是否正常工作。但是有了那个,繁荣....
有任何想法吗 ?
干杯。
- 更新 -
为了遵循@antonku 的回答,我得到了以下信息: openssl s_client -connect rec-www.calvados.fr:443
CONNECTED(000001E8)
---
Certificate chain
0 s:/C=FR/postalCode=14035/ST=Calvados/L=CAEN/street=B.P. 12/street=12, rue Saint-Laurent/street=Conseil g\xC3\xA9n\xC3\xA9ral/O=DEPARTEMENT DU CALVADOS/OU=0002 221401185/CN=*.calvados.fr
i:/C=FR/ST=Calvados/L=Caen/O=TBS INTERNET/OU=TBS INTERNET CA/CN=TBS X509 CA business 2
1 s:/C=FR/ST=Calvados/L=Caen/O=TBS INTERNET/OU=TBS INTERNET CA/CN=TBS X509 CA business 2
i:/C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority
2 s:/C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgIQY9hra7I57r0ELb0R9HO1fDANBgkqhkiG9w0BAQsFADCB
gTELMAkGA1UEBhMCRlIxETAPBgNVBAgTCENhbHZhZG9zMQ0wCwYDVQQHEwRDYWVu
MRUwEwYDVQQKEwxUQlMgSU5URVJORVQxGDAWBgNVBAsTD1RCUyBJTlRFUk5FVCBD
QTEfMB0GA1UEAxMWVEJTIFg1MDkgQ0EgYnVzaW5lc3MgMjAeFw0xNzAzMDMwMDAw
MDBaFw0yMDAzMjQyMzU5NTlaMIHgMQswCQYDVQQGEwJGUjEOMAwGA1UEERMFMTQw
MzUxETAPBgNVBAgTCENhbHZhZG9zMQ0wCwYDVQQHEwRDQUVOMRAwDgYDVQQJEwdC
LlAuIDEyMR4wHAYDVQQJExUxMiwgcnVlIFNhaW50LUxhdXJlbnQxGjAYBgNVBAkM
EUNvbnNlaWwgZ8OpbsOpcmFsMSAwHgYDVQQKExdERVBBUlRFTUVOVCBEVSBDQUxW
QURPUzEXMBUGA1UECxMOMDAwMiAyMjE0MDExODUxFjAUBgNVBAMMDSouY2FsdmFk
b3MuZnIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl42Ohd2UY+MT6
RvlHyychy1GukrGRKf9znCsAxdFJ+c9YQleNnHK2+0t57ydd0CcHm2eNwRsw9OIv
vx6I44ByqBsjGCimCcYbx3Pex8L29zVc/C0qe9YbgJWl3LF20QjQKqUHFACn8IL3
AGOY8ORGkWoM5Gha5NiBBIAO+HOCz0YoZy6nWyKZ8+83tRwMCGj4kpvL3g5UXRJa
3x1WR8gXg0NUGKavbjjZaBKkfpz4+pbztVZoCViHn3Z9jGZJCudpocLc8nvzjuot
Jbf0jpW/vDWROxgLKWs9iq0y1mw0/lo3jsoThwaf5rMUHaAvLuaWjWL+og3xULOd
w5/02247AgMBAAGjggGqMIIBpjAfBgNVHSMEGDAWgBRx8gupo+3LA0oMPAE7vkxE
besq+DAdBgNVHQ4EFgQUXp6vDf8q9hWC1+I6Q+90vGeVbM0wDgYDVR0PAQH/BAQD
AgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
MEoGA1UdIARDMEEwNQYKKwYBBAHlNwIBATAnMCUGCCsGAQUFBwIBFhlodHRwczov
L2Nwcy51c2VydHJ1c3QuY29tMAgGBmeBDAECAjBABgNVHR8EOTA3MDWgM6Axhi9o
dHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVEJTWDUwOUNBYnVzaW5lc3MyLmNybDBy
BggrBgEFBQcBAQRmMGQwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQudXNlcnRydXN0
LmNvbS9UQlNYNTA5Q0FidXNpbmVzczIuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8v
b2NzcC51c2VydHJ1c3QuY29tMCUGA1UdEQQeMByCDSouY2FsdmFkb3MuZnKCC2Nh
bHZhZG9zLmZyMA0GCSqGSIb3DQEBCwUAA4IBAQBU0OfVabVbiAVSN3OeIPOFo9wW
8/mCtMZvI5Zas5rJeXzpB6EquWLL13CI7kMTChOKirzOwBPR0RrXp3XH5L0OIXFh
VgVaxwR2GvtjHj0w8/HJyB8AWMa+8PxkbKd1xUOnHoWSJWlp327/N5frcpj4MRR7
WUzx65EvzllAYJLvgm7R3VcdAWRsFQLEl94peG29FaGdSw7s9P/F7XOGwObet2or
6y4tPNy4G/p/HcF+n4+Gsva7Qb+MpcdI8reSh4v0BNUlYHFb9OhQBnBMOPZK65cZ
HuARrEevK6Kx0VABnCjb7sZPdUAnzbd1vlXSzE/A+dahHxc5xBM7qGvrIFPn
-----END CERTIFICATE-----
subject=/C=FR/postalCode=14035/ST=Calvados/L=CAEN/street=B.P. 12/street=12, rue Saint-Laurent/street=Conseil g\xC3\xA9n\xC3\xA9ral/O=DEPARTEMENT DU CALVADOS/OU=0002 221401185/CN=*.calvados.fr
issuer=/C=FR/ST=Calvados/L=Caen/O=TBS INTERNET/OU=TBS INTERNET CA/CN=TBS X509 CA business 2
---
No client certificate CA names sent
---
SSL handshake has read 4558 bytes and written 626 bytes
---
New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1
Cipher : DES-CBC3-SHA
Session-ID: D67EB3B87B19B41B353B66E4CC57B1DD4611E626C6BE6FFB173053B4B25C80A0
Session-ID-ctx:
Master-Key: CB98E88373100902EB194E8E555A9991D001B55806408546E28C1C8733E700B45B5EECC8BAC5CC27C66309277C38B296
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1546955507
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
最后一行可能是罪魁祸首吗?
解决方案
为了建立https连接,服务器rec-www.calvados.fr被指向,需要安装 SSL 证书。正如我所看到的,目前,服务器没有返回任何 SSL 证书作为响应,这就是连接失败的原因。
如果您想使用安全连接 ( https),则需要在服务器端配置 SSL 证书。或者,如果保密性不重要,您可以使用普通的不安全http而不是https.
推荐阅读
- html - WeasyPrint 将 HTML 转换为 PDF 未能生成完美的结果
- react-native - 反应原生 ScrollView onScroll 事件
- qt - VS 2017 错误 C2665 'qHash':30 个重载中没有一个可以转换所有参数类型
- javascript - 获取导入组件的高度
- vega - 分组标记的轴位置不正确
- django - 如何过滤 django 内联形式的查询集?
- android - Dialogflow Api 中的 URL 编码问题
- python - 如何修复 Python 中的字符串格式?
- jquery - 在单个页面上使用 jQuery 禁用 CSS 规则
- android - 如何在文件选择器中仅显示 pdf?