Requesting an example to add options like SSL parameters (like ca, cert, key).

Question

Requesting an example to add options like SSL parameters (like ca, cert, key).

ranrao opened this issue 3 years ago · 4 comments

const agent = new https.Agent({
    ca: fs.readFileSync('./certs/ca.pem'),
    key: fs.readFileSync('./certs/key.pem'),
    cert: fs.readFileSync('./certs/cert.pem'),
});

const solrOptions = {
    host: 'example.com',
    port: 8983,
    secure: true,
    agent: agent,
};
const client = solr.createClient(solrOptions);
client.basicAuth('solr', 'password');

The above piece of example code returns a bad certificate if using solr-client. Normal REST API with https agent works. Please share the way to pass SSL parameters.

Another possible approach I tried:

const agentOptions = {
    host: 'example.com',
    port: 8983,
    path: '/solr',
    key: fs.readFileSync(keyFile),
    cert: fs.readFileSync(certFile),
    ca: fs.readFileSync(caFile),
};

const solrOptions = {
    host: 'ma-isdssolrt-lslr15.corp.apple.com',
    port: 8983,
    secure: true,
    request: { tls: agentOptions }
};
const client = solr.createClient(solrOptions);
client.basicAuth('solr', 'password');

Both approaches fail with the same error. What's the best way to pass certificates? Please guide. Thanks in advance.

Answer 1 · 2021-12-08T19:25:44.000Z

Issue is only found in the latest release. This works fine in "^0.10.0-rc6". Looks like agent is not plugging in request. Appreciate if we could deliver a fix.

Answer 2 · 2021-12-09T22:30:08.000Z

Looks like we'll need to extend undici a bit for this: nodejs/undici#842
I'll give it a shot, thank you for reporting this.

Answer 3 · 2021-12-09T22:31:20.000Z

Actually, it is already supported: https://github.com/nodejs/undici/blob/main/docs/best-practices/client-certificate.md
I'll see if we are passing all necessary parameters.

Answer 4 · 2021-12-13T00:15:47.000Z

@ranrao Released in 0.10.0-rc9