Skip to content

tls ca: option doesn't support the same formats as openssl -CAfile #24761

New issue
New issue
Closed
Closed
tls ca: option doesn't support the same formats as openssl -CAfile#24761
Labels
confirmed-bugIssues with confirmed bugs.tlsIssues and PRs related to the tls subsystem.
@sam-github

Description

@sam-github
sam-github
opened on Nov 30, 2018
  • Version: all
  • Platform: all
  • Subsystem: tls

OpenSSL supports "BEGIN TRUSTED CERTIFICATE", whereas Node.js silently ignores them. When people fail to authenticate with a ca: file, they often try with other tools (openssl s_client -CAfile ..., curl -cacert ..., ...) to confirm where the CAs are valid. They find they are, but that they don't work with Node.js. Ouch.

Fixed in #24733

Metadata

Metadata

Assignees

No one assigned

    Labels

    confirmed-bugIssues with confirmed bugs.tlsIssues and PRs related to the tls subsystem.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions