Trouble with Node.js HTTPS server called from web browser

[Dave Stearns]

I'm rather new to SSL and Node, so please excuse me if this is a dumb
question.

I am trying to create a Node server that speaks HTTPS, and I am able
to get the correct response when accessing that server via another
Node.js client script, but when I try to access it via a web browser
(Chrome in particular), I get the following response:

No data received
Unable to load the webpage because the server sent no data.
Error 324 (net::ERR_EMPTY_RESPONSE): The server closed the connection
without sending any data.

My server script is as follows. I was able to verify that the key and
cert file paths were valid and that I was getting data from them via
some console.log() calls that I have since removed.

var options = {
key: fs.readFileSync(settings.web.ssl.keyFilePath),
cert: fs.readFileSync(settings.web.ssl.certFilePath)
}

var port = settings.web.port || 443;

var server = https.createServer(options, onRequest).listen(port);
console.log('server is running at http://127.0.0.1:' + port + '/');

function onRequest(request, response) {
console.log('processing request...');
response.writeHead(200, {'Content-Type': 'text/plain'});
response.end("hello world\n");
}

When I hit the server's URL with Chrome, I get that error and I don't
see the 'processing request...' log message. But when I use the
following client script, I do see the log message and I get the
expected response:

var https = require('https');

var options = {
host: 'localhost',
port: 8443,
path: '/',
method: 'GET'
};

var req = https.request(options, function(res) {
console.log("statusCode: ", res.statusCode);
console.log("headers: ", res.headers);

res.on('data', function(d) {
process.stdout.write(d);
});
});
req.end();

req.on('error', function(e) {
console.error(e);
});

I created the key and the certificate using the following commands,
which I found on the site http://www.silassewell.com/blog/2010/06/03/node-js-https-ssl-server-example/

openssl genrsa -out privatekey.pem 1024
openssl req -new -key privatekey.pem -out certrequest.csr
openssl x509 -req -in certrequest.csr -signkey privatekey.pem -out
certificate.pem

So why does this not work in the browser? Do I need to register that
certificate with the browser in some way since it's self-signed? Or am
I doing something wrong in the server code?

Thanks in advance for any help you can provide!

[Neville Burnell]

You might need permission to access ports below 1024

http://www.linuxquestions.org/linux/articles/Technical/Why_can_only_root_listen_to_ports_below_1024

On May 17, 8:36 am, Dave Stearns <d...@3meters.com> wrote:
> I'm rather new to SSL and Node, so please excuse me if this is a dumb
> question.
>
> I am trying to create a Node server that speaks HTTPS, and I am able
> to get the correct response when accessing that server via another
> Node.js client script, but when I try to access it via a web browser
> (Chrome in particular), I get the following response:
>
> No data received
> Unable to load the webpage because the server sent no data.
> Error 324 (net::ERR_EMPTY_RESPONSE): The server closed the connection
> without sending any data.
>
> My server script is as follows. I was able to verify that the key and
> cert file paths were valid and that I was getting data from them via
> some console.log() calls that I have since removed.
>
>         var options = {
>                 key: fs.readFileSync(settings.web.ssl.keyFilePath),
>                 cert: fs.readFileSync(settings.web.ssl.certFilePath)
>         }
>
>         var port = settings.web.port || 443;
>
>         var server = https.createServer(options, onRequest).listen(port);

>         console.log('server is running athttp://127.0.0.1:'+ port + '/');

> which I found on the sitehttp://www.silassewell.com/blog/2010/06/03/node-js-https-ssl-server-e...

[Dave Stearns]

I finally figured this out--the trouble was that when I generated the
cert request, I left the "common name" field blank. When I regenerated
the cert using "localhost" for the common name, then the browser
worked as expected (warned me about the self-signed cert but let me
proceed if I wanted to).

I discovered this by using "curl --insecure --verbose <url>". In the
verbose output, the only warning was that it could not get the common
name from the cert. A little poking around on the web, and I
discovered that this will cause most browsers to stop the request in
its tracks.

On May 16, 11:24 pm, Neville Burnell <neville.burn...@gmail.com>
wrote:

> You might need permission to access ports below 1024
>

> http://www.linuxquestions.org/linux/articles/Technical/Why_can_only_r...

>
> On May 17, 8:36 am, Dave Stearns <d...@3meters.com> wrote:
>
>
>
>
>
>
>
> > I'm rather new to SSL and Node, so please excuse me if this is a dumb
> > question.
>
> > I am trying to create a Node server that speaks HTTPS, and I am able
> > to get the correct response when accessing that server via another
> > Node.js client script, but when I try to access it via a web browser
> > (Chrome in particular), I get the following response:
>
> > No data received
> > Unable to load the webpage because the server sent no data.
> > Error 324 (net::ERR_EMPTY_RESPONSE): The server closed the connection
> > without sending any data.
>
> > My server script is as follows. I was able to verify that the key and
> > cert file paths were valid and that I was getting data from them via
> > some console.log() calls that I have since removed.
>
> >         var options = {
> >                 key: fs.readFileSync(settings.web.ssl.keyFilePath),
> >                 cert: fs.readFileSync(settings.web.ssl.certFilePath)
> >         }
>
> >         var port = settings.web.port || 443;
>
> >         var server = https.createServer(options, onRequest).listen(port);

> >         console.log('server is running athttp://127.0.0.1:'+port + '/');