Menu
  • HOME
  • TAGS

Error: CERT_HAS_EXPIRED in Node.js request module (macu vs facebook)

Tag: node.js,ssl,ssl-certificate,node-request

My WebProxy is built in node. I am using request module to fetch content from given Url. I am getting CERT_HAS_EXPIRED error for https://www.macu.com while the site opens fine in browser.

My Investigations

I investigated and checked the certificate details via Chrome but I see that certificate is not expired. I do not understand the issue with this website's certificate.

I thought this could be an issue with the vendor not present in the list of Node.js. I tried upgrading npm and node versions but no success. Moreover https://www.facebook.com's certificate is also issued by DigiCert High Assurance CA-3 vendor which clearly says that this vendor is present in Node.js CA list.

Here is the code:

var request = require('request');

function getContent(urlOptions) {
  request.get(urlOptions, function(error, response, body) {
    if (error) console.log('Error:'  + error);

    if (body) {
      console.log('Body:' + body);
    }
  });
}

exports.init = function() {
  var urlOptions = {
    headers: {
      'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
      'Accept-Encoding': 'gzip,deflate,sdch',
      'Accept-Language': 'en-US,en;q=0.8',
      'Cache-Control': 'max-age=0',
      'Connection': 'keep-alive',
      'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.152 Safari/537.36'
    },
    secureProtocol: 'TLSv1_method'
  };

  /* URL options for macu.com domain */
  urlOptions.url = 'https://www.macu.com/mystyle-checking';
  urlOptions.headers.host = urlOptions.headers.Host = 'www.macu.com';
  // urlOptions.rejectUnauthorized = false;  // Works when this option is set but it may cause security issue

  getContent(urlOptions);

  urlOptions.url = 'https://www.facebook.com';
  urlOptions.headers.host = urlOptions.headers.Host = 'www.facebook.com';

  getContent(urlOptions);
};

I just want to know

  1. Why Request module complains for macu.com but not for facebook.com while both have certificates by same vendor.
  2. What is the issue with macu's certificate ?
  3. Why certificate is throwing error for node but is accepted by browser.

Best How To :

Your intermediate certificate for DigiCert High Assurance EV Root CA seems to have expired, see f.e. https://www.sslshopper.com/ssl-checker.html#hostname=www.macu.com

Likely your browser did not complain about it, because it had a newer, valid version of that intermediate cert installed already (and used that to prove the identity of the signing institution), whereas on your node instance it was still the old one (and it presented that to the counterpart).

Edit: A little further explanation: When an encrypted connection is negotiated between two parties, the initiating party will present its certificate and the intermediate certificates, so that the counterpart can verify them.

If your browser already has the up-to-date intermediate certificate DigiCert High Assurance EV Root CA stored in its own certificate cache, then it will likely use that to verify the certificate it is presented with.

Other parties (like your node.js module) however might not have the intermediate certificates stored themselves, so they rely on what they get presented. And if one of the certificates in the chain is expired, validation of the whole thing will therefor fail.

How to handle expressjs middleware request. post request remains pending made by dropzone

node.js,express,dropzone.js,multer

You need an Express route for your form post that will finish the http request. The multer middleware will process the file uploads and add them to the request so they are available to a route handler, but you need to have a route for the form post. From the...

What does this line in NodeJs mean?

node.js

require returns what ever was defined in the package. In the cases above they are functions and so the second parameter is actually calling the function. If you break it out it would look like this: var debugFunctionFactory = require('debug'); var debug = debugFunctionFactory('morgan'); debug('this is a test debug command');...

After deploying to heroky scripts and css not available

node.js,heroku

I resolved it. I think, I asked incorrect question. The problem was in missing bower command installation for dependencies when deploy.

How to use a variable as an Object Key [MongoDB] [duplicate]

node.js,mongodb

JavaScript has no nice notation for creating an object where the keys are variables: var $push_query = {}; $push_query[name] = item; ... {"$push": $push_query} ... ...

SSL/TLS: Why will the server be the only one to be able to decrypt the encrypted number if it's a public key?

ssl,encryption

Because it's public-private key encryption, not symmetric encryption. The plaintext is encrypted to cipher text with the public key and decrypted back to the plaintext with the private key. Trying to decrypt that ciphertext with the public key doesn't work.

Create n:m objects using json and sequelize?

javascript,json,node.js,sequelize.js

Have a look at nested creation (the feature is not documented yet) Store.create({ name:'corner store', address: '123 Main Street', products: [ { name: 'string beans' }, { name: 'coffee' }, { name: 'milk' } ] }, { include: [Product] }); This will create both stores and products and associate the...

What does a [Function] (wrapped in square brackets) mean when inside of a javascript object?

javascript,node.js,javascript-objects

I'm able to replicate the output with the following setup: > function bar() {} > bar.baz = 42; > console.log({foo: bar}); { foo: { [Function: bar] baz: 42 } } So ObjectId: { [Function: ObjectId] schemaName: 'ObjectId' } } means that ObjectId is the property of an object. The value...

Is express similar to grunt? what is the difference? what are the advantages of express over grunt?

node.js,express,gruntjs,mean-stack

Express is a webserver framework on top of nodejs (like symphony for php). Grunt is an automation tool (like make or gulp) and not a webserver. The only thing they have in common is, that they use the JavaScript programming language. MEAN is a full stack environment for developing web...

How do I run C# within a Node.js server application?

c#,node.js,server

I have idea for your problem . U can write c# console app and then call it from nodejs . U can look this url Execute an exe file using node.js . after c# job writes all data to database, u can look to the this table read from it...

Redis: Delete user token by email ( find Key by Value )

node.js,express,redis

You basically have to choose one of two approaches: a full scan of the database or an index. A full scan, as proposed in another answer to this question, will be quite inefficient - you'll go over your entire keyspace (or at least all the tokens) and will need to...

NPM : how to just run post-install?

node.js,npm,package.json

You can run individual script entries using npm run SCRIPTNAME: $ npm run postinstall ...

What are some patterns I can look at for database implementations in JavaScript?

javascript,node.js,mongodb

That's a pretty wide question, partly opinion based. This question should be closed, but I still want to give you some advice. There once was the Active Record pattern, which has been proven to be pretty difficult to maintain. The solution was the DAO pattern, but this adds a lot...

ssl certificate with and without www

apache,ssl

Usually, registries create certificates for your hostname and the domain above (see https://en.wikipedia.org/wiki/SubjectAltName). If the registry does not support this, than choose a different one.

Replace nodejs for python?

python,node.js,webserver

You might want to have a look at Tornado. It is well-documented and features built-in support for WebSockets. If you want to steer clear of the Tornado-framework, there are several Python implementations of Socket.io. Good luck!...

Why is address undefined in my app?

node.js,express,jasmine,supertest

request(app.app) instead of request(app) in integration test should fix the error. var request = require('supertest'); var app = require('../app'); describe('GET /', function(){ it('should repsond with 200', function(done){ request(app.app) .get('/') .expect(200, done.fail); }); }); ...

Error handling when uploading file using multer with expressjs

node.js,express,multer,busboy

You can handle errors using the onError option: app.post('/upload',[ multer({ dest : './uploads/', onError : function(err, next) { console.log('error', err); next(err); } }), function(req, res) { res.status(204).end(); } ]); If you call next(err), your route handler (generating the 204) will be skipped and the error will be handled by Express....

node.js winston logger no colors with nohup

node.js,logging,nohup,winston

It's caused by colors package (used by winston) that performs the following check when trying to determine whether to support colors: if (process.stdout && !process.stdout.isTTY) { return false; } This means that when your application is running in a background, it doesn't have a terminal and colors are not used....

nodejs head request isn't triggering events

node.js,http

The problem is that you don't declare a data or readable event handler. According to the fine manual: A Readable stream will not start emitting data until you indicate that you are ready to receive it. Instead, the stream will be put in a "paused" state indefinitely (until you start...

Sockets make no sense?

javascript,node.js,sockets

The client doesn't get to cause arbitrary events to fire on the socket. It is always a message event. Using the same client, try this server code in your connection handler: socket.on('message', function(data) { // data === "pressed", since that's what the client sent console.log("Pressed!"); socket.close(); }); ...

mongodb populate method not working

node.js,mongodb,model,populate,auto-populate

When you create an instance of the Post model, you need to assign the _id from the user as an ObjectId, not a string: var ObjectId = require('mongoose').Types.ObjectId; Post.create({ text: 'farheen123', created_by: new ObjectId('5587bb520462367a17f242d2') }, function(err, post) { if(err) console.log("Farheen has got error"+err); else console.log(post); }); ...

NPM Error: self signed certificate in certificate chain

ssl,npm,tsd

One little FYI first : if you just want to learn AngularJS, maybe it's not the best way to start with TypeScript. If it's the case for you, try the tutorial on angularjs.org, which use JavaScript and angular-seed. Anyway, if you want to use tsd, you have to edit your...

Using TypeScript type definitions with Webstorm 10 [duplicate]

node.js,typescript,webstorm

Using that dialog, I downloaded the node and express type definitions and can see them in the External Libraries section of my project. However, I still get the same error about "require" That dialog gets TypeScript definitions to use with JavaScript. You need to download the typescript definitions manually...

javascript “this” keyword works as expected in browser but not in node.js

javascript,node.js

In both, the browser and Node, this inside the function refers to the global object (in this case). Every global variable is a property of the global object. The code works in the browser because the "default scope" is the global scope. var bar therefore declares a global variable, which...

node ssh2 shell unable to run apt-get install on remote machine

node.js

Try to change \nwith &&: stream.end('sudo apt-get update -y && sudo apt-get install -y build-essential && exit'); ...

call functions in async with node which is more recomended Q or callback

javascript,node.js,callback,promise,q

I don't even see why you particularly need promises for this. function myHandler(req, res) { var dataChunks = [], dataRaw, data; req.on("data", function (chunk) { dataChunks.push(chunk); }); req.on("end", function () { dataRaw = Buffer.concat(dataChunks); data = dataRaw.toString(); console.log(data); var filePath = 'C://test.txt'; var writeStream = fs.createWriteStream(filePath, {flags: 'w'}); writeStream.write(data); writeStream.on('finish',...

Emitting and receiving socket io within the same file

node.js,express,socket.io

If you are trying to emit and listen for events within the same file, you should be using the built in event listeners for node, not the specialized ones for socket.io (https://nodejs.org/api/events.html): var EventEmitter = require('events').EventEmitter; var eventExample = new EventEmitter; //You can create event listeners: eventExample.on('anEvent', function(someData){ //Do something...

I'd like to count the documents with the matching “name” property AND group them by “name” at the same time

node.js,mongoose,group-by

If you want mongodb to handle the query internally you could use the aggregation framework. In mongodb it looks like: db.users.aggregate( [{ $group: { _id: '$firstName', // similar to SQL group by, a field value for '_id' will be returned with the firstName values count: {$sum: 1} // creates a...

serving GAE applications over http

java,google-app-engine,ssl

There two things you've missed from docs: Google Cloud Endpoints requires SSL. If you need to access your backend API in a system not supporting SSL, you'll need to either update the system to support SSL or use a proxy. and Google Cloud Endpoints does not support custom domains. See...

How to add new items to an array in MongoDB

arrays,node.js,mongodb

$set is not an array update operation. The $set operator replaces the value of a field with the specified value. You just want to use $push by itself, as in .update({_id: id}, {$push: {name: item}}) You can't interpolate object property names in raw object declarations, so if you want to...

NodeJS / ExpressJS check valid token parameter before routing

node.js,express,parameters

Use a middleware. app.use(function (req, res, next) { if (checkToken(req.query.token) { return next(); } res.status(403).end("invalid token"); }); app.use(require('./controllers')) ...

jQuery DataTables with Node.js

javascript,jquery,node.js,datatables,jquery-datatables

You need to define dataSrc and columns.data - the following should work : var table = $('#example').DataTable({ processing: true, serverSide: true, ajax: { url: "/viewreports", dataSrc: "reportList" }, columns: [ { data : "reportID" }, { data : "eBayUserID" }, { data : "reportStatus" }, { data : "summary" },...

Add multiple rows from same model AngularJS

angularjs,node.js

You should have an array of users in your controller and every time you press "Add another user" you can add a new user to your array. The code in your controller: $scope.users = [{ name: "1" , email: "email1", password:"pas1" }, { name: "2" , email: "email2", password:"pas2"}];; $scope.addUser...

How to make a website work only with https [duplicate]

asp.net,ssl,https

Sure, assuming you are using IIS to host your site, open IIS Manager and select your web site and then binding on the right: make sure you only have a binding for https not for http. This way IIS will only send https traffic to that web site. Edit: What...

Waiting for promises - code hangs

javascript,node.js,promise

What you want is validate = function(data) { var p = new Promise(function(resolve, reject)){ var all_promises = Array(); all_promises.push(resBooking); resBooking.count(...).then(...).catch(...); Promise.all(all_promises).then(resolve); }); return p; }; In other words, call resolve, not p.resolve(). p.resolve will generate a run-time error (p doesn't exist), which will be "swallowed" by the promise constructor and...

React from NPM cannot be used on the client because 'development' is not defined. The bundle was generated from Webpack

javascript,node.js,npm,reactjs,webpack

Any values passed to webpack.DefinePlugin as strings are treated as code fragments—that is to say, using new webpack.DefinePlugin({ ENV: "development" }); with the code console.log(ENV); results in console.log(development); Instead, you want new webpack.DefinePlugin({ ENV: "\"development\"" }); which will result in console.log("development"); To fix your issue, change your plugins to plugins:...

Is there a before() function in Protractor?

angularjs,node.js,automated-tests,protractor,hierarchy

My solution to this problem was to split the two describe blocks in to 2 separate spec files. I figured this made more sense anyway, as each test had different conditions it needed to meet, and it isn't much hassle to have extra spec files.

Socket.io client does not connect to server

node.js,express,socket.io

I don't know if this is the only issue, but you're calling this: var io = require("socket.io").listen(app); before you assign the app variable so it is undefined. The request for this URL: http://localhost:3000/socket.io/?EIO=3&transport=polling&t=1434334401655-37 is how a socket.io connection starts so that is normal. The problem is that the socket.io listener...

Getting failed to load c++ bson extension error using Mongodb and Node.js

javascript,node.js,mongodb

Since you're using the mongojs module, you're going to have to connect to the database using the following method db = mongo("127.0.0.1:27017/"+db, collections); ...

how can I import a file in node.js?

javascript,node.js

You will need to change this line: var template={ to this: module.exports={ And then you can simply do: var template = require('./path/to/template.js'); Note that this is a relative path to your file. You need to set module.exports because that is the convention NodeJS uses to say "this is what will...

Getting CROS Error even after adding header in node.js for Angular js

javascript,angularjs,node.js

The error message spells it out for you. Your client side code is trying to set an Access-Control-Allow-Origin header: RestangularProvider.setDefaultHeaders({"Access-Control-Allow- Origin":"*"}); Your server side code allows a number of headers, but that isn't one of them: 'Access-Control-Allow-Headers': 'Origin, X-Requested-With, Content-Type, Accept"', Remove the line: RestangularProvider.setDefaultHeaders({"Access-Control-Allow- Origin":"*"}); Access-Control-Allow-Origin is a response...

Error is not thrown inside a deferred method

node.js,exception-handling,deferred

The behavior of deferred seems reasonable to me in your cases. In the second case, I don't think that deferred has a way to catch the error thrown in the nextTick callback. So the error is thrown. In the first case, deferred catches it and considers that that resulting promise...

Socket.IO message doesn't update Angular variable

javascript,angularjs,node.js,sockets

You need to wrap the change of the model (changing properties on the $scope), with $scope.$apply(function() {}) in order to to update the view. var container = angular.module("AdminApp", []); container.controller("StatsController", function($scope) { var socket = io.connect(); socket.on('message', function (msg) { console.log(msg); $scope.$apply(function() { $scope.frontEnd = msg; }); }); }); $apply()...

What type of database is the best for storing array or object like data [on hold]

database,node.js,sockets

Redis would probably be fastest, especially if you don't need a durability guarantee - most of the game can be played out using Redis' in-memory datastore, which is probably gonna be faster than writing to any disk in the world. Perhaps periodically, you can write the "entire game" to disk....

Node Server - Source Code accessible

node.js,express

The obvious answer is to change the directory used in the express.static() middleware if you're using that. Typically there is a public or similarly-named directory that you would create that holds only your public assets. Remove the app.use(express.static(__dirname + '/'));, this is what is allowing your code to be public....

Now that SSLSocketFactory is deprecated on Android, what would be the best way to handle Client Certificate Authentication?

android,ssl,okhttp,pkcs#12

Apparently, there are two SSLSocketFactory classes. HttpClient has its own one, and that is deprecated along with the rest of HttpClient. However, everybody else will be using the more conventional javax.net.ssl edition of SSLSocketFactory, which is not deprecated (thank $DEITY).

websockets - reject a socket connection

node.js,sockets,websocket

You can either use socket.close() or socket.terminate() to close the connection.

How to use promises to do series without duplicate code

node.js,promise,bluebird

Just use a loop. var lastPromise = Promise.resolve(); for (var x = 0; x < 100; x++) { lastPromise = lastPromise.then(function () { return object.asyncFunc(); }); } You could also use Promise.reduce over an array with a length of 100 to achieve the same effect. Promise.reduce(new Array(100), function () {...

Access Node-Webkit App from other Application

node.js,node-webkit

I'm not familiarized with the applescript language, but is possible between languages that have an implemented library for socket.io Using socket.io you can behave between applications, socket.io act like an node.js EventEmitter (or pubsub), clients can send events and suscribe to those events in real-time. For your case you can...

How to get my node.js mocha test running?

javascript,node.js,mocha,supertest

Create a separate file called app.js. The only purpose of this file would be to run the server. You'll also need to export your app object from server.js. So, your server.js would look like this // set up ====================================================================== var express = require('express'); var app = express(); // create our...

Subject Alternative Name not present in certificate

ssl,openssl,ssl-certificate

You can use: copy_extensions = copy under your CA_default section in your openssl.cnf. but only when you're sure that you can trust the extensions in the CSR as pointed out in this thread: http://openssl.6102.n7.nabble.com/subjectAltName-removed-from-CSR-when-signing-td26928.html See also: How can I generate a self-signed certificate with SubjectAltName using OpenSSL?...