ChilliSniff
ChilliSniff3y ago

Deno.serveTls with self signed certificate

i try to create a webserver but i cannot use self signed certificates, how can i solve this ?
deno run -A --unsafely-ignore-certificate-errors webserver.js
DANGER: TLS certificate validation is disabled for all hostnames
HTTP webserver running. Access it at: http://localhost:8080/
HTTPS webserver running. Access it at: https://localhost:8443/
TLS alert received: AlertMessagePayload {
level: Fatal,
description: CertificateUnknown,
}
error: Uncaught (in promise) Http: error writing a body to connection: received fatal alert: CertificateUnknown
for await (const o_request_event of o_http_connection) {
deno run -A --unsafely-ignore-certificate-errors webserver.js
DANGER: TLS certificate validation is disabled for all hostnames
HTTP webserver running. Access it at: http://localhost:8080/
HTTPS webserver running. Access it at: https://localhost:8443/
TLS alert received: AlertMessagePayload {
level: Fatal,
description: CertificateUnknown,
}
error: Uncaught (in promise) Http: error writing a body to connection: received fatal alert: CertificateUnknown
for await (const o_request_event of o_http_connection) {
6 Replies
notiggsam
notiggsam3y ago
Can you show how you create your server object?
ChilliSniff
ChilliSniffOP3y ago
// var self = this;
var o_server_https = Deno.listenTls(
{
certFile: o_self.o_config.o_ssl.s_path_certificate_file,
keyFile: o_self.o_config.o_ssl.s_path_key_file,
port: o_self.o_config.o_encrypted.n_port,
hostname: o_self.o_config.o_encrypted.s_host,
}
);

for await (const o_http_connection of o_server_https) {
// In order to not be blocking, we need to handle each o_connectionection individually
// without awaiting the function
// o_self.f_serve_https_or_https(o_connection);
const o_http_connection = Deno.serveHttp(o_connection);
// Each request sent over the HTTP connection will be yielded as an async
// iterator from the HTTP connection.
for await (const o_request_event of o_http_connection) {
// The native HTTP server uses the web standard `Request` and `Response`
// objects.
const body = `Your user-agent is:\n\n${
o_request_event.request.headers.get("user-agent") ?? "Unknown"
}`;
// The o_request_event's `.respondWith()` method is how we send the response
// back to the client.
o_request_event.respondWith(
new Response(body, {
status: 200,
}),
);
}
}

// var self = this;
var o_server_https = Deno.listenTls(
{
certFile: o_self.o_config.o_ssl.s_path_certificate_file,
keyFile: o_self.o_config.o_ssl.s_path_key_file,
port: o_self.o_config.o_encrypted.n_port,
hostname: o_self.o_config.o_encrypted.s_host,
}
);

for await (const o_http_connection of o_server_https) {
// In order to not be blocking, we need to handle each o_connectionection individually
// without awaiting the function
// o_self.f_serve_https_or_https(o_connection);
const o_http_connection = Deno.serveHttp(o_connection);
// Each request sent over the HTTP connection will be yielded as an async
// iterator from the HTTP connection.
for await (const o_request_event of o_http_connection) {
// The native HTTP server uses the web standard `Request` and `Response`
// objects.
const body = `Your user-agent is:\n\n${
o_request_event.request.headers.get("user-agent") ?? "Unknown"
}`;
// The o_request_event's `.respondWith()` method is how we send the response
// back to the client.
o_request_event.respondWith(
new Response(body, {
status: 200,
}),
);
}
}

according to what i read online the flag --unsafely-ignore-certificate-errors should allow self signed certs but i still get this error: error: Uncaught (in promise) Http: error writing a body to connection: received fatal alert: CertificateUnknown ?
Unknown User
Unknown User3y ago
Message Not Public
Sign In & Join Server To View
ChilliSniff
ChilliSniffOP3y ago
but if i do the exact same with Deno.listen which does not use a ssl certificate i dont get that error
Unknown User
Unknown User3y ago
Message Not Public
Sign In & Join Server To View
ChilliSniff
ChilliSniffOP3y ago
wtf like this it works
var o_server_https = Deno.listenTls(
{
certFile: o_self.o_config.o_ssl.s_path_certificate_file,
keyFile: o_self.o_config.o_ssl.s_path_key_file,
port: o_self.o_config.o_encrypted.n_port,
hostname: o_self.o_config.o_encrypted.s_host,
}
);

while (true) {
try {
const o_connection = await o_server_https.accept();
// ... handle the o_connectionection ...
// console.log(o_connection)
const o_http_connection = Deno.serveHttp(o_connection);
while (true) {
console.log("no connection yet")
try {
const requestEvent = await o_http_connection.nextRequest();
// ... handle requestEvent ...
await requestEvent.respondWith(
new Response("hello world", {
status: 200,
}),
);
} catch (err) {
// the connection has finished
break;
}
}

} catch (err) {
// The listener has closed
break;
}
}
var o_server_https = Deno.listenTls(
{
certFile: o_self.o_config.o_ssl.s_path_certificate_file,
keyFile: o_self.o_config.o_ssl.s_path_key_file,
port: o_self.o_config.o_encrypted.n_port,
hostname: o_self.o_config.o_encrypted.s_host,
}
);

while (true) {
try {
const o_connection = await o_server_https.accept();
// ... handle the o_connectionection ...
// console.log(o_connection)
const o_http_connection = Deno.serveHttp(o_connection);
while (true) {
console.log("no connection yet")
try {
const requestEvent = await o_http_connection.nextRequest();
// ... handle requestEvent ...
await requestEvent.respondWith(
new Response("hello world", {
status: 200,
}),
);
} catch (err) {
// the connection has finished
break;
}
}

} catch (err) {
// The listener has closed
break;
}
}