Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Client certificate isn't been recognized

See original GitHub issue

Hi,

I’m creating a proxy to a server that uses certificate authentication.

    server.middleware = proxyMiddleware('/providers/sse/services/scim',
        {target: 'https://backendserver.com',
          changeOrigin: true,
          port: 443,
          secure: true,  // ignore cert errors
          agent: false,
          https: {
            key: fs.readFileSync('private_key.pem'),
            cert: fs.readFileSync('client_cert.pem')
          },
        });

However, when I connect to my server, I’m being prompted for the credentials when the request is being forwarded to the backend server.

At the same time, the following code (written by someone else) that creates an http server directly, passing the same client certificate data, passes the client cert data successfully, and I can retrieve data from the backend server without a prompt:

http.createServer(onRequest).listen(3030);

function onRequest(client_req, client_res) {

  var options = {
    key: fs.readFileSync('private_key.pem'),
    cert: fs.readFileSync('client_cert.pem'),
    agent: false,
    host: backendserver,
    method: client_req.method,
    path: client_req.url,
    headers:{
        Host: backendserver
    }
  };

  var proxy = https.get(options, function(res) {
    client_res.on('data', function(d) {
  });

  res.pipe(client_res, {
      end: true
    });
  });

  client_req.pipe(proxy, {
    end: true
  });

Any idea of what might be wrong?

Issue Analytics

State:
Created 8 years ago
Comments:5 (2 by maintainers)

Top GitHub Comments

2reactions

ataliscommented, Jan 3, 2016

I figured this out, finally. Instead of providing certificate and key as part of the https (or ssl) object, it should be a part of the target object:

server.middleware = proxyMiddleware('/providers/sse/services/scim',
    {
      target: {
        host:  'https://backendserver.com',
        port: 443,
        protocol: 'https:',
        key: fs.readFileSync('private_key.pem'),,
        cert: fs.readFileSync('client_cert.pem')
      },
      changeOrigin: true
    });

0reactions

imbenwolfcommented, Jul 8, 2019

@atalis I am having a similar issue with my certificate not being recognized. I tried your solution but I am getting an ENOTFOUND error. I specified my url just as you did in your answer. Is there something I am missing?
proxyMiddleware('/',
    {
      target: {
        host:  'https://mybackendserver.com',
        port: 8443,
        protocol: 'https:',
        key: process.env.KEY,
        cert: process.env.CERT
      },
      changeOrigin: true
    });

had the same issue: try removing the ‘https://’ part in your host option