5

We purchased a domain name and SSL certificate on godaddy, but our server is not on GoDaddy. WE run Lampp and NodeJS in our server, and we are trying to set up SSL with both. There is no problem with Lampp. the private key and certificate from godaddy is working. but when i try the same files with NodeJS. it fails.

This is my js script:

ssl = {
key: fs.readFileSync("./key.pem",'utf8'),
cert: fs.readFileSync("./cert.crt",'utf8'),
ca: [fs.readFileSync('./g1.crt','utf8'), 
fs.readFileSync('./g2.crt','utf8'), fs.readFileSync('./g3.crt','utf8')]
};
server = require('https').createServer(ssl, app);

This is the Error

_tls_common.js:104
  c.context.setKey(options.key, options.passphrase);
            ^

  Error: error:0909006C:PEM routines:get_name:no start line

After some googling, i have tried several solution: adding "utf8", spliting gd bundle, using nodepad++ to fix code. None of them helped.

However, nodejs can use my self-signed key and certificate files. So i would like to ask. Did i generate my key incorrectly? Should I manually generate private key/CSR locally and request a new certificate on GoDaddy? or there is something wrong in my code?

Sayuri Mizuguchi
  • 5,250
  • 3
  • 26
  • 53
Eze
  • 85
  • 8
  • Does it really say `TongueEM` and not `PEM`? That's truly weird. Make sure your files are in fact PEM format: a -----BEGIN (type)----- line, some lines of base64 not over 76 chars in width, and a -----END (type)----- line. Lines must have terminating LF or CRLF. Make sure the privatekey file's type is a valid privatekey type. If these files are or have been on Windows, make sure they do NOT have a 'BOM' (Byte Order Mark) at the beginning. (Use a hex editor or similar; BOM is invisible in normal text editors like notepad.) – dave_thompson_085 Apr 03 '19 at 17:17
  • If I'm wrong, the error is this `Error: error:0909006C:PEM routines:get_name:no start line` – Eze Apr 03 '19 at 17:51

1 Answers1

0

This error message would mean that those files are wrong, corrupt or was requested for other OS Enviroments. So we have some options.

  1. Resolution about the code (importing file system library and use full path).
let yourKey = fs.readFileSync('./folderOne/folderTwo/initial.key').toString();
let yourCertificate = fs.readFileSync('./folderOne/folderTwo/certificate.crt').toString();
var credentials = { key: yourKey, cert: yourCertificate };
  1. Resolution requesting per OS compatibility:
    • Request for new certificates with a note about the OS (Linux, Windows, etc) sending the initial key for the provider that was sent to you.

Important.: You only need the .crt file and the private key.

Sayuri Mizuguchi
  • 5,250
  • 3
  • 26
  • 53