gpt4 book ai didi

javascript - 如何在 HTTPS 配置的 Express 服务器上避免 "Site not secure"

转载 作者:行者123 更新时间:2023-11-30 09:29:54 26 4
gpt4 key购买 nike

我正在创建一个 Express 应用程序,我想在其中使用 HTTPS。我在 StartSSL.com 创建了一个证书,并将其导入到我的服务器中,现在可以正确建立到服务器的连接。

但是有一些问题:

"Not Secure"

为什么会发生这种情况?我是否必须以某种方式添加中间证书?该证书应该已经签名,但我可能是错的。这是我在index.js中的配置部分:

var bodyParser = require('body-parser');
app.use(bodyParser.json()); // support json encoded bodies
app.use(force_https);
app.use(bodyParser.urlencoded({ extended: true })); // support encoded bodies

app.use(helmet());
app.disable('x-powered-by');
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});

// Setup HTTPS
const httpsPort = 3443;
const options = {
key: fs.readFileSync("./key.pem", "utf8"),
cert: fs.readFileSync("./cert.pem", "utf8")
};

var secureServer = https.createServer(options, app).listen(httpsPort, () => {
console.log(">> CentraliZr listening at port "+httpsPort);
});

我的证书包含以下内容(共享它没有问题;这只是一个测试应用程序):

Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3084 (0xc0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Seattle, O=getaCert - www.getacert.com
Validity
Not Before: Oct 23 16:54:10 2017 GMT
Not After : Dec 22 16:54:10 2017 GMT
Subject: C=ES, ST=Madrid, L=Madrid, O=centralizr, OU=devops, CN=centralizr.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:98:23:37:c0:18:77:4d:a1:22:b4:97:08:bb:c8:
11:06:03:ab:40:f3:da:ed:ff:e4:bc:5c:e9:60:86:
3f:ff:b3:49:93:b1:af:8c:cd:90:ae:96:24:d2:13:
f3:cd:d0:90:c3:34:9b:d9:72:4c:f7:95:48:27:c6:
0b:33:15:a0:a9:4f:14:03:e2:02:ac:67:b1:10:b6:
78:45:c1:75:bb:50:18:8f:40:58:0e:a1:d9:a1:89:
ec:1f:80:31:1f:dc:30:53:6a:97:1b:6e:99:0d:13:
8c:de:c2:32:1b:7e:06:43:e3:d3:34:77:62:85:fe:
2b:2f:87:a3:0d:85:92:75:97:95:10:49:6b:ee:77:
03:56:a7:a9:fd:d6:77:d9:da:10:6d:fa:77:34:99:
0f:ee:17:27:3c:9c:bc:08:94:9b:a1:c9:fa:81:a9:
d8:94:05:d1:69:40:08:28:e4:42:b1:be:21:2e:dc:
21:16:e3:4a:25:55:da:f6:7b:5f:2c:32:0e:af:88:
cb:da:cc:e5:c0:cf:80:1b:33:91:27:aa:bf:ab:ef:
bd:a8:77:f8:6e:46:1a:cb:e3:38:d9:a9:3f:3d:9b:
36:b5:8e:fd:b3:01:90:18:c5:b1:b0:09:c3:39:5b:
60:e8:9f:cc:26:9b:e2:3b:5c:7c:41:50:2f:0e:fe:
eb:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Cert Type:
SSL Client, SSL Server, S/MIME, Object Signing
X509v3 Key Usage:
Key Encipherment
Signature Algorithm: sha256WithRSAEncryption
76:67:0f:a8:e0:eb:46:ef:dc:b2:76:c8:f4:7d:55:0a:dd:62:
02:6a:54:f4:ab:de:49:89:31:1e:26:2b:b5:61:04:7c:31:80:
c2:92:6e:ae:b7:97:86:cf:5b:7e:23:c4:ba:46:f1:57:6e:ea:
c6:70:06:e9:79:f8:03:5c:fc:ac:8c:f3:02:22:b6:71:1a:ac:
22:87:b1:26:c8:d3:6d:09:d2:22:6a:d1:b2:d0:17:94:6b:36:
ce:99:84:7f:7d:26:09:bd:82:69:b1:59:a0:34:cc:5b:fb:19:
e8:40:03:21:6a:fd:40:74:2b:a6:08:ef:c8:3c:86:31:fb:1e:
ac:a5:09:7f:f5:7f:68:bd:4c:28:89:c0:35:24:d6:73:0e:f7:
68:aa:b3:40:3c:49:22:40:54:ee:8b:eb:a3:39:ef:31:e8:72:
fa:33:93:fd:45:a8:11:d6:c0:11:73:ac:8e:2c:c0:7e:17:0a:
25:46:05:e4:ae:bc:6d:a5:16:df:fb:ee:8c:cb:7f:d2:82:14:
22:23:d4:67:92:ad:ce:ca:77:36:52:ea:86:fb:8b:db:ef:b2:
bb:da:4f:66:d9:45:af:45:0a:15:5d:f6:32:2d:d3:3c:73:21:
bc:aa:f0:c8:16:3e:62:43:4a:61:e7:db:24:86:e3:79:13:5e:
62:63:22:30
-----BEGIN CERTIFICATE-----
MIIDcTCCAlmgAwIBAgICDAwwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCVVMx
EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1NlYXR0bGUxJDAiBgNVBAoT
G2dldGFDZXJ0IC0gd3d3LmdldGFjZXJ0LmNvbTAeFw0xNzEwMjMxNjU0MTBaFw0x
NzEyMjIxNjU0MTBaMG4xCzAJBgNVBAYTAkVTMQ8wDQYDVQQIEwZNYWRyaWQxDzAN
BgNVBAcTBk1hZHJpZDETMBEGA1UEChMKY2VudHJhbGl6cjEPMA0GA1UECxMGZGV2
b3BzMRcwFQYDVQQDEw5jZW50cmFsaXpyLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJgjN8AYd02hIrSXCLvIEQYDq0Dz2u3/5Lxc6WCGP/+zSZOx
r4zNkK6WJNIT883QkMM0m9lyTPeVSCfGCzMVoKlPFAPiAqxnsRC2eEXBdbtQGI9A
WA6h2aGJ7B+AMR/cMFNqlxtumQ0TjN7CMht+BkPj0zR3YoX+Ky+How2FknWXlRBJ
a+53A1anqf3Wd9naEG36dzSZD+4XJzycvAiUm6HJ+oGp2JQF0WlACCjkQrG+IS7c
IRbjSiVV2vZ7XywyDq+Iy9rM5cDPgBszkSeqv6vvvah3+G5GGsvjONmpPz2bNrWO
/bMBkBjFsbAJwzlbYOifzCab4jtcfEFQLw7+618CAwEAAaMtMCswCQYDVR0TBAIw
ADARBglghkgBhvhCAQEEBAMCBPAwCwYDVR0PBAQDAgUgMA0GCSqGSIb3DQEBCwUA
A4IBAQB2Zw+o4OtG79yydsj0fVUK3WICalT0q95JiTEeJiu1YQR8MYDCkm6ut5eG
z1t+I8S6RvFXburGcAbpefgDXPysjPMCIrZxGqwih7EmyNNtCdIiatGy0BeUazbO
mYR/fSYJvYJpsVmgNMxb+xnoQAMhav1AdCumCO/IPIYx+x6spQl/9X9ovUwoicA1
JNZzDvdoqrNAPEkiQFTui+ujOe8x6HL6M5P9RagR1sARc6yOLMB+FwolRgXkrrxt
pRbf++6My3/SghQiI9Rnkq3Oync2UuqG+4vb77K72k9m2UWvRQoVXfYyLdM8cyG8
qvDIFj5iQ0ph59skhuN5E15iYyIw
-----END CERTIFICATE-----

那么,有两个问题:

  1. 为什么会出现此错误?
  2. 我向那里发送的信息至少是加密的吗?

谢谢!

编辑:这是我的导航器抛出的错误:

NET::ERR_CERT_AUTHORITY_INVALID

最佳答案

  1. 证书的主题必须与您正在访问的域匹配。该证书似乎对 localhost 无效。事实上,适当的 CA 实际上不可能向您颁发 localhost 证书,因为他们不可能验证该域。
  2. Chrome 和许多其他浏览器,stopped accepting StartCom certificates有效。

获取localhost有效证书的唯一方法是创建一个自签名根证书,将其安装在所有相关的本地信任存储中,并使用来签署自行创建的证书。

关于javascript - 如何在 HTTPS 配置的 Express 服务器上避免 "Site not secure",我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/46935678/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com