I'm using node.js and this request module to make HTTP calls to another server.
https://github.com/mikeal/request
It works great. I now need to modify this code to make the calls over SSL, using my company's SSL certificate. In the request module's docs, it says this about the strictSSL option:
"strictSSL - Set to true to require that SSL certificates be valid. Note: to use your own certificate authority, you need to specify an agent that was created with that ca as an option."
This sounds like what I need to do, but I don't understand this phrase: "specify an agent that was created with that ca as an option.".
1) What do they mean by "an agent"?
2) How do I "specify an agent"
3) How do I create the agent "with that ca as an option"?
A code example would be amazing, but any leads would be helpful. Thanks.
This largely elaborates on Peter Lyons' answer, providing an example.
I am assuming that you are requesting a domain running over HTTPS with a certificate signed by your own certificate authority (ca).
When using the request library, as you do, there is no need to actually instantiate the agent yourself, you can simply provide some agentOptions to the request you are making. The following is an example:
request({
method: "POST",
uri: "https://localhost/entries",
headers: {
"Content-Type": "application/json"
},
body: JSON.stringify({
name: "someEntry"
}),
agentOptions: {
ca: fs.readFileSync("certs/ca.cert.pem")
}
}, function(error, httpResponse, body) {
//handle response
});
The important thing here is the agentOptions, which you provide the certificate of a ca. All domains using certificates signed by the ca are now accepted. Imagine a ca CA1 has signed three domains, D1, D2, D3. Setting the ca to CA1 results in allowing requests to all of the domains D1, D2, D3 (but not D4 signed by a different ca).
Point being: the "certs/ca.cert.pem" must be the certificate of the signing certificate authority.
- "an agent" means an instance of http.Agent from the node standard
http module
- The docs indicate this agent instance would be passed to
request in the pool option I believe, although I haven't done it myself and the docs are indeed sparse on details here. Based on skimming the code, I think you might just need options.ca
- request seems to directly support
options.ca and uses it here in getAgent
So my guess is maybe just pass in options.ca as a string that is the public key of your company's certificate authority and see if request does the right thing from there.
const request = require('request');
request.post({
url: strRSAUrl,
agentOptions: {
ca: fs.readFileSync('path-to-cacert.pem')
},
form: {
some_key: some_value,
}
}, function (error, response, body) {
objResponse.send(body);
});
For more details,you can refer from nodejs#request
perhaps I'm misunderstanding the problem, but in my experience you don't need to do anything special at all if you require('https'), the call automatically goes out over SSL.
I just tested this with my google maps api call and indeed if I require('http') Google complains that it wants the call to come in over SSL, but when I add the s everything works as expected.
