举个例子,如果服务器绑定在IP地址和端口号上,当然是能运行HTTPS的:
let options = {
key: fs.readFileSync("key.pem"),
cert: fs.readFileSync("cert.pem")
};
https.createServer(options, (req, res) => {
console.log("Request received");
res.writeHead(200);
res.end("hello world\n");
}).listen(50000, "127.0.0.1");
console.log("HTTPS server started.");
setTimeout(() => {
https.request({
host: "127.0.0.1",
port: 50000,
rejectUnauthorized: false
}).end();
}, 1000);
但一旦绑定的是Unix socket,就不能运行HTTPS了,说self signed certificate error:
let options = {
key: fs.readFileSync("key.pem"),
cert: fs.readFileSync("cert.pem")
};
https.createServer(options, (req, res) => {
console.log("Request received");
res.writeHead(200);
res.end("hello world\n");
}).listen("/Users/zzz/test-unix-socket/socket.sock");
console.log("HTTPS server started.");
setTimeout(() => {
https.request({
socketPath: "/Users/zzz/test-unix-socket/socket.sock",
rejectUnauthorized: false
}).end();
}, 1000);
key.pem和cert.pem是用OpenSSL生成的自签名证书:
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 7300 -nodes
这难道是Node的bug?