
socket.client.request.client.getPeerCertificate() always returns null.


If client certificates are enabled on the server there is no way to get to the underlying clientCertificate as socket.client.request.client.getPeerCertificate() always returns null.

This happens even if the client certificate is valid and authorized.

socket.client.request.client.authorized = true

I believe this is the result of a change in node tls functionality.

https://github.com/nodejs/node/commit/eff8c3e02417652b78436eaa10d049e8c60e5275

    const fs = require('fs');
    const path = require('path');
    const https = require('https');

    // app, io, objOptions and writeToLog are defined elsewhere in the application.
    var httpsOptions = {
      key: fs.readFileSync(path.join(__dirname, 'serverkey.pem')),
      cert: fs.readFileSync(path.join(__dirname, 'servercert.pem')),
      requestCert: true,          // ask the client for a certificate
      rejectUnauthorized: false   // but do not drop clients whose certificate fails validation
    };
    https_srv = https.createServer(httpsOptions, app).listen(objOptions.httpsport, function () {
      //console.log('Express server listening on port ' + port);
      writeToLog("info", 'Express server listening on https port ' + objOptions.httpsport);
    });
    io.attach(https_srv);

    io.on('connection', function (socket) {
      let cert = socket.client.request.client.getPeerCertificate();
      if (cert) {
        console.log(cert.subject.CN);
      } else {
        console.log("cert is null");
      }
    });

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:7 (2 by maintainers)

Top GitHub Comments

Andrewiski commented, Apr 1, 2022

Did this PR make it into the latest version? I upgraded to the latest 2 months ago and it wasn't there. I did create an example as well using openssl and a way to create client certs with a CA, so it is more complicated code-example-wise but shows how you can use client auth, but I got pulled off on another project so never got to testing it like I wanted. I will try to work on it when I get home next week. https://github.com/Andrewiski/socket.io-chat-client-certificate is not yet complete.

This https://github.com/Andrewiski/socket.io is my version of the latest Socket.IO with the getPeerCertificate fix, but I had to namespace it, as with TypeScript I have to do a build to "compile/convert" TypeScript to JavaScript, which then must be deployed to npm, so it is not as simple as it was with straight JavaScript.

Anyways the fix is the same.

    if (
      conn &&
      conn.request &&
      conn.request.client &&
      conn.request.client.getPeerCertificate
    ) {
      this.peerCertificate = conn.request.client.getPeerCertificate();
    } else {
      this.peerCertificate = null;
    }

Andrewiski commented, Nov 2, 2022

Please try this simple example

https://github.com/Andrewiski/socket.io-certificate-test

Toggle between my library and current socket.io in server.js:

const socketio = require('@andrewiski/socket.io');

const socketio = require('socket.io');

Note how using my pull request @Andrewiski/socket.io you can determine who is connected via socket by using the client cert.

Note how using your example (https://socket.io/docs/v4/server-initialization/#with-an-https-server) does not work as no client certificate can be used as it is always null.

    // This always returns null: socket.request.client.getPeerCertificate()
    if(socket.request.client.getPeerCertificate) {
      let cert = socket.request.client.getPeerCertificate();
      if (cert){
        debug("io.onConnection", socket.id, "socket.request.client.getPeerCertificate() client certificate was presented use,", cert.subject.CN, " issued by ", cert.issuer.CN );
      }else{
        debug("io.onConnection", socket.id, "socket.request.client.getPeerCertificate() is null");
      }
    }

    // This is only successful if running @Andrewiski/socket.io
    if(socket.client.peerCertificate) {
      let cert = socket.client.peerCertificate;
      if (cert){
        debug("io.onConnection", socket.id, "Andrewiski socket.client.peerCertificate certificate was presented use,", cert.subject.CN, " issued by ", cert.issuer.CN );
      }else{
        debug("io.onConnection", socket.id, "no client.peerCertificate certificate");
      }
    } 
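An added example (not part of the issue thread or of socket.io's code): the server in the issue runs with `rejectUnauthorized: false`, so a certificate's CN should only be trusted when the TLS socket's `authorized` flag is true, and `getPeerCertificate()` can return `{}` (no certificate presented) as well as `null` (socket destroyed). `capturePeerIdentity`, `mockConn` and `sampleCert` are hypothetical names, and the mock sockets are constructed stand-ins for a real TLS socket.

```javascript
// Snapshot the peer identity once, at connection time, and freeze the result.
function capturePeerIdentity(conn) {
  const client = conn && conn.request && conn.request.client;
  if (!client || typeof client.getPeerCertificate !== 'function') {
    return Object.freeze({ authenticated: false, reason: 'not-a-tls-socket' });
  }
  const cert = client.getPeerCertificate();
  // null: socket already destroyed. {}: peer presented no certificate.
  if (!cert || Object.keys(cert).length === 0) {
    return Object.freeze({
      authenticated: false,
      reason: cert === null ? 'socket-destroyed' : 'no-certificate',
    });
  }
  const subject = cert.subject || {};
  // With rejectUnauthorized: false the handshake succeeds even when chain
  // validation failed, so the CN is only trustworthy if authorized === true.
  if (client.authorized !== true) {
    return Object.freeze({
      authenticated: false,
      reason: String(client.authorizationError || 'unverified-certificate'),
      claimedCn: subject.CN || null, // log it, never authorize on it
    });
  }
  return Object.freeze({
    authenticated: true,
    cn: subject.CN || null,
    issuerCn: (cert.issuer || {}).CN || null,
    fingerprint256: cert.fingerprint256 || null,
  });
}

// Constructed stand-ins for a TLS socket (no real handshake is performed).
function mockConn(cert, authorized, authorizationError) {
  return { request: { client: { authorized, authorizationError, getPeerCertificate: () => cert } } };
}
const sampleCert = {
  subject: { CN: 'device-42' },
  issuer: { CN: 'Example Test CA' },
  fingerprint256: 'AA:BB:CC', // constructed placeholder, not a real digest
};
const results = {
  valid: capturePeerIdentity(mockConn(sampleCert, true, null)),
  selfSigned: capturePeerIdentity(mockConn(sampleCert, false, 'DEPTH_ZERO_SELF_SIGNED_CERT')),
  none: capturePeerIdentity(mockConn({}, false, null)),
  destroyed: capturePeerIdentity(mockConn(null, false, null)),
};
console.log(results);
```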
