I'm following this tutorial to create a HTTPS server.
My app.js looks like:
var https = require('https');
//var httpServer = http.createServer(app);
//httpServer.listen(3000);
var options = {
key: fs.readFileSync('./config/ssl/server.key'),
cert: fs.readFileSync('./config/ssl/server.crt'),
ca: fs.readFileSync('./config/ssl/ca.crt'),
requestCert: true,
rejectUnauthorized: false,
passphrase: 'password'
};
https.createServer(options, app).listen(5000);
Some API calls, I want to ensure that the client provides the certificate, so I've done:
// List all boxes
router.get('/api/boxes', function(req, res, next) {
if (req.client.authorized) {
next();
} else {
res.writeHead(401, {"Content-Type": "application/json"});
res.end('{"status": "denied"}');
}
}, boxesController.list);
Then, I call my server with curl using:
curl -s -v -k --key ./client.key --cert ./client.crt https://10.0.1.13:5000/api/boxes
But it always returns {status: denied}. Why?