我有一个像这样的nginxconfiguration。
server { listen 443 ssl; server_name myserver.com; ssl on; ssl_certificate /usr/local/etc/nginx/ssl/myserver.com/fullchain.pem; ssl_certificate_key /usr/local/etc/nginx/ssl/myserver.com/privkey.pem; ssl_client_certificate /usr/local/etc/nginx/ssl/letsencrypt-CA/DSTRootCAX3.crt; ssl_verify_client on; location / { proxy_pass http://127.0.0.1:4433; } 我有一个客户端发送一个签名的请求到服务器,但我总是得到一个错误的ssl错误。
var fs = require('fs'); var https = require('https'); var options = { hostname: 'myserver.com', port: 443, path: '/', method: 'GET', cert: fs.readFileSync('myclient.com/cert.pem'), key: fs.readFileSync('myclient.com/privkey.pem'), ca: fs.readFileSync('myclient.com/DSTRootCAX3.crt'), }; var req = https.request(options, function (res) { res.on('data', function (data) { process.stdout.write(data); }); }); req.end(); req.on('error', function (e) { console.error(e); });
DST根可以在这里find。 https://www.identrust.com/certificates/trustid/root-download-x3.html
我正在使用letsencrypt所有的证书代。