node.js/express demonstration of https and client auth
This was inspired by the excellent article HTTPS Authorized Certs with Node.js. Code is similar to the sample but incorporates Express. Commands were distilled into two bash shell scripts.
# Install dependencies
npm install
cd certs
# Create all necessary certificates. Dig into the scripts to learn more.
./init.sh
# Start 'er up.
cd ..
node app
# Access the site using the client certificate created above.
curl -v -s -k --key snort-key.pem --cert snort-crt.pem https://localhost:4433
- Add the client pfx file to your certificate store. Because you're using a newly created CA, you'll probably need to add that pfx as well.
- Browse to https://localhost:4433.
- You should be presented with a dialog box. Choose the client certificate.
Note that if you change the certificate, you will need to completely close Chrome (and possibly need to kill the task) in order to see the dialog again.
Certificate Revocation is left as a future exercise.