I'm trying to send a client certificate from a nodejs app using node-soap
const clientURL = 'prod.wsdl';
const wsdl_options = {
wsdl_options: {
"cert": fs.readFileSync('/etc/ssl/certs/client.crt'),
"key": fs.readFileSync('/etc/ssl/certs/client.key'),
}
};
soap.createClient(clientURL, wsdl_options, function (err, client) {
if (!err) {
client[my-method](args, function (error, result) {
if (error) console.log(JSON.stringify(error))
}
})
But I'm getting an error: {"errno":"EPROTO","code":"EPROTO","syscall":"write"}
When I'm sending a curl, the server gets my request with the correct cert:
curl -X POST https://host:4431/func --cert /etc/ssl/certs/client.crt --key /etc/ssl/certs/client.key
what can be the problem here? am I missing something at wsdlOptions?
Also, My customer gave me the certificate of the soap-server (and NOT the ca itself) and I need to check the ssl certificate of this response against the one he gave me.
How can I do that?
for request library we can do: res.connection.getPeerCertificate() / res.connection.getPeerX509Certificate() like this.
UPDATE:
I found the solution to the first issue with the client certificate and key.
I was missing:
client.setSecurity
After creating the proxy!
For createClient, there is no need to put the cert and key. So the code now looks like this:
const clientURL = 'prod.wsdl';
soap.createClient(clientURL, {}, function (err, client) {
if (!err) {
client.setSecurity(new soap.ClientSSLSecurity('/path/to/key','path/to/cert'));
client[my-method](args, function (error, result) {
...
}
})
Now how can I get the certificate of the server from the response and compare it to the one I have?