Comments (13)
Which --ssl.protocol
value are you using for the server? The default for this option should be 4 (TLSv1), but it may be adjusted in a local config file.
from arangojs.
There was no ssl-protocol
option in my config file. According to the docs the value was on default (4). The option now inserted into my config, but no change after restart.
from arangojs.
After some debugging it seems that the request was sent out in plain old http when connect from node/iojs: there is no distinction between http and https in request.js
.
In the baseUrlParts
variable i can see the correct protocol and href properties with correct https
value.
from arangojs.
Confirmed. The http
module's request
function doesn't do HTTPS, the https
module's request
function doesn't do HTTP. Apparently we need to switch between them ourselves. Yay.
EDIT: The agents aren't compatible either. Awesome.
from arangojs.
@legikaloz I've added support for HTTPS. If the URL you pass into the Database constructor uses HTTPS, the requests (and the default agent) will use the https
module instead of the http
module. Could you try out the version from the repo and see whether that solves your problem?
from arangojs.
I can confirm the fix, works perfectly in my trials.
from arangojs.
I've published the fix as 1.8.1 on NPM. Thanks for checking this.
from arangojs.
Oops, sorry, i tried with wrong settings :(
the driver doesn't work:
Unhandled rejection Error: unable to verify the first certificate
at Error (native)
at TLSSocket.<anonymous> (_tls_wrap.js:926:38)
at emitNone (events.js:67:13)
at TLSSocket.emit (events.js:163:7)
at TLSSocket._finishInit (_tls_wrap.js:511:8)
Tried to readd certificates with ssl-root-cas
, and with https.globalAgent.options.ca.concat()
without success. There are no problems with handmade API calls:
require('ssl-root-cas').inject().addFile('.ssl/ca.pem').addFile('.ssl/sub.class1.server.ca.pem');
var https=require('https');
var options = {
host: 'https.server.com',
port: 8530,
path: '/_db/test/_api/version',
method: 'GET'
};
var request = https.request(options, function(res) {
console.log("statusCode: ", res.statusCode);
console.log("headers: ", res.headers);
res.on('data', function(d) {
process.stdout.write(d);
});
});
request.on('error', function(e) {
console.error('error');
console.error(e);
});
request.end();
The response:
statusCode: 200
headers: { server: 'ArangoDB',
connection: 'Close',
'content-type': 'application/json; charset=utf-8',
'content-length': '44' }
{"server":"arango","version":"2.6.0-alpha3"}
from arangojs.
Have you tried adding the certificate before requiring arangojs? In your HTTPS examples you always do so before requiring https.
The error message is now explicitly complaining about the certificate, so it's now using SSL, at least.
If all else fails, try to create the database object with the option {agent: require('https').globalAgent}
. That should make sure it behaves more like the vanilla https.request function.
EDIT: You mention you're adding the certificate to the https.globalAgent -- that isn't enough if you use arangojs with the default configuration. arangojs creates its own Agent instance to cap the number of open sockets for efficiency. Take a look at the agent and agentOptions configuration options.
from arangojs.
The driver works the with the suggested options:
{agent: require('https').globalAgent}
OR
agentOptions: {
ca: [fs.readFileSync('.ssl/sub.class1.server.ca.pem'),fs.readFileSync('.ssl/ca.pem')]
}
Which one do you prefer?
ps: please add this to the docs
from arangojs.
agentOptions
is preferrable as the globalAgent behaves differently from the default (performance-wise).
from arangojs.
Thanks for the clarification
from arangojs.
I've added a note about HTTPS to the README. It'll show up on NPM after the next release.
from arangojs.
Related Issues (20)
- db.listUsers not rerturning an array of ArangoUser HOT 1
- db.updateUser and db.replaceUser using wrong urls
- Implement JWT refresh endpoint HOT 3
- Invalid token while loading arangojs module in nodejs - collection.js, cursor.js, and graph.js - syntax error HOT 2
- Replace XHR with Fetch HOT 1
- How to use "ForceOneShardAttributeValue" option in aqlQuery? HOT 3
- Better handling of arangojs' connection pool to avoid "socket hang up?" HOT 2
- Update driver Version in Tutorial
- db.exists() no longer a function? HOT 3
- collection.document failing with options HOT 2
- Infinite loop in connection.js:177 HOT 3
- connect ECONNREFUSED error HOT 1
- Type issue after updating to v8.4.0 HOT 3
- Are there any code examples demonstrating how to include AQL queries in a stream transaction? HOT 2
- Getting error "expecting POST /_api/cursor" from Arangojs HOT 14
- Jest detecting open handles HOT 3
- outEdges and inEdges not working HOT 2
- Getting error "expecting POST /_api/cursor" HOT 1
- Documentation is unclear about when actual server connection occurs HOT 2
- Rollup Error: Could not resolve "./analyzer" from "./analyzer?commonjs-external" HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from arangojs.