node.js - 如何在 linux 上激活密码,最好在节点 js 中
问题描述
我需要从 nodejs 中连接到 https 服务器。我需要使用密码TLS_DH_anon_WITH_AES_256_GCM_SHA384
。
我阅读的 Ubuntu 文档说支持此密码,
https://manpages.ubuntu.com/manpages/xenial/en/man1/ciphers.1ssl.html
然而,当我执行该tls.getCiphers()
功能时,我得到以下信息,
TLS_DH_anon_WITH_AES_256_GCM_SHA384 不在列表中
supported ciphers = [ 'aes128-gcm-sha256',
'aes128-sha',
'aes128-sha256',
'aes256-gcm-sha384',
'aes256-sha',
'aes256-sha256',
'dhe-psk-aes128-cbc-sha',
'dhe-psk-aes128-cbc-sha256',
'dhe-psk-aes128-gcm-sha256',
'dhe-psk-aes256-cbc-sha',
'dhe-psk-aes256-cbc-sha384',
'dhe-psk-aes256-gcm-sha384',
'dhe-psk-chacha20-poly1305',
'dhe-rsa-aes128-gcm-sha256',
'dhe-rsa-aes128-sha',
'dhe-rsa-aes128-sha256',
'dhe-rsa-aes256-gcm-sha384',
'dhe-rsa-aes256-sha',
'dhe-rsa-aes256-sha256',
'dhe-rsa-chacha20-poly1305',
'ecdhe-ecdsa-aes128-gcm-sha256',
'ecdhe-ecdsa-aes128-sha',
'ecdhe-ecdsa-aes128-sha256',
'ecdhe-ecdsa-aes256-gcm-sha384',
'ecdhe-ecdsa-aes256-sha',
'ecdhe-ecdsa-aes256-sha384',
'ecdhe-ecdsa-chacha20-poly1305',
'ecdhe-psk-aes128-cbc-sha',
'ecdhe-psk-aes128-cbc-sha256',
'ecdhe-psk-aes256-cbc-sha',
'ecdhe-psk-aes256-cbc-sha384',
'ecdhe-psk-chacha20-poly1305',
'ecdhe-rsa-aes128-gcm-sha256',
'ecdhe-rsa-aes128-sha',
'ecdhe-rsa-aes128-sha256',
'ecdhe-rsa-aes256-gcm-sha384',
'ecdhe-rsa-aes256-sha',
'ecdhe-rsa-aes256-sha384',
'ecdhe-rsa-chacha20-poly1305',
'psk-aes128-cbc-sha',
'psk-aes128-cbc-sha256',
'psk-aes128-gcm-sha256',
'psk-aes256-cbc-sha',
'psk-aes256-cbc-sha384',
'psk-aes256-gcm-sha384',
'psk-chacha20-poly1305',
'rsa-psk-aes128-cbc-sha',
'rsa-psk-aes128-cbc-sha256',
'rsa-psk-aes128-gcm-sha256',
'rsa-psk-aes256-cbc-sha',
'rsa-psk-aes256-cbc-sha384',
'rsa-psk-aes256-gcm-sha384',
'rsa-psk-chacha20-poly1305',
'srp-aes-128-cbc-sha',
'srp-aes-256-cbc-sha',
'srp-rsa-aes-128-cbc-sha',
'srp-rsa-aes-256-cbc-sha',
'tls_aes_128_gcm_sha256',
'tls_aes_256_gcm_sha384',
'tls_chacha20_poly1305_sha256'
]
尝试在请求中使用它
const ciphers = [ "TLS_DH_anon_WITH_AES_256_GCM_SHA384" ];
const options = {
host : address + "%" + ifName,
port : service.srv.port,
path : service.path,
method : "GET",
ciphers : ciphers.join(":"),
};
queries.push( options );
testManager.LogEvaluationEvent( "Sending HTTPS Query to " + options.host+ ", port " + options.port + ", path " + options.path );
var req = https.get( options, Callback );
req.on( "error", err => console.log( "Port " + service.srv.port + " Error = " + err ));
req.end();
给出以下错误消息。
Port 55541 Error = Error [ERR_SOCKET_CLOSED]: Socket is closed
Port 55541 Error = Error: 139820378998592:error:141A90B5:SSL routines:ssl_cipher_list_to_bytes:no ciphers available:../ssl/statem/statem_clnt.c:3799:No ciphers enabled for max supported SSL/TLS version
我也有服务器的来源:
const ciphers = [ "TLS_DH_anon_WITH_AES_256_GCM_SHA384" ];
const options = {
key : fs.readFileSync( "key.pem" ),
cert : fs.readFileSync( "cert.pem" ),
ciphers : ciphers.join(":"),
};
const httpsServer = https.createServer(options,function( req, res ) {
console.log("Received HTTPS request",req.headers,req.url);
res.writeHead(200);
res.end( "Hello" );
});
在我看来,这需要在某处启用,或添加到列表中,但我找不到在哪里。任何帮助,将不胜感激!
解决方案
推荐阅读
- android - 对 addDrawerListener 的空对象引用
- reactjs - 如何在本机反应中导航到主屏幕 onPress of login button?
- android - TeamViewer SDK 参考页面给出错误 404
- c# - 得到?即使在设置 UTF8 编码时,也可以替换字符 æ、ø、å、é 等
- wcf - ADFS - HTTP 请求未经客户端身份验证方案“协商”的授权
- css - 将 Bootstrap CSS 添加到 Angular 项目的最佳方式?
- ssl - 将私钥添加到密钥库
- javascript - 如何使用 vue.js 有条件地触发模态
- c++ - 从固定功能迁移到 GLSL OpenGL:我应该如何修改我的视图 (lookAt) 矩阵和透视矩阵?
- javascript - URL.createObjectURL(blob):如何为动态生成的 .pdf 提供“有意义的文件名”?