nodejs Https 代理(自签证书)

1.产生证书

 生成一个文件名字：v3.ext

 

authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
extendedKeyUsage = serverAuth

[alt_names]

DNS.1 = domain.com 
# IP address
IP.1 = 192.168.2.221
IP.2 = 127.0.0.1

　

＃生成私钥key文件
openssl genrsa 1024 > /path/to/private.pem

＃通过私钥文件生成CSR证书签名
openssl req -new -key /path/to/private.pem -out csr.pem

＃通过私钥文件和CSR证书签名生成证书文件
openssl x509 -req -days 365 -in csr.pem -signkey private.pem -out file.crt -sha256 -extfile v3.ext

　　

2.创建一个项目

项目初始化

npm init

　安装Express

npm install express

　创建一个main.js

var app = require('express')();
var fs = require('fs');
var http = require('http');
var https = require('https');
var privateKey  = fs.readFileSync('./private.pem');
var certificate = fs.readFileSync('./file.crt');
var credentials = {key: privateKey, cert: certificate};

var httpServer = http.createServer(app);
var httpsServer = https.createServer(credentials, app);
var PORT = 18080;
var SSLPORT = 18081;

httpServer.listen(PORT, function() {
    console.log('HTTP Server is running on: http://localhost:%s', PORT);
});
httpsServer.listen(SSLPORT, function() {
    console.log('HTTPS Server is running on: https://localhost:%s', SSLPORT);
});

// Welcome
app.get('/', function(req, res) {
    if(req.protocol === 'https') {
        res.status(200).send('Welcome to Safety Land!');
    }
    else {
        res.status(200).send('Welcome!');
    }
});

　启动

npm start

 

测试

https://127.0.0.1:18081/

 

3.设置代理访问网站

Chrome设置代理

 

访问https://www.baidu.com

 

 

 参考：

https://stackoverflow.com/questions/43929436/subject-alternative-name-missing-err-ssl-version-or-cipher-mismatch

http://www.it1352.com/817497.html